CVE-2023-37769 - Divide By Zero

Severity

65%

Complexity

27%

Confidentiality

60%

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.

CVSS 3.1 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H).

Demo Examples

Divide By Zero

CWE-369

The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.


               
}
return totalTime / numRequests;

By validating the input value used as the denominator the following code will ensure that a divide by zero error will not cause unexpected results. The following Java code example will validate the input value, output an error message, and throw an exception.


               
}
return totalTime / numRequests;
throw ArithmeticException;

Divide By Zero

CWE-369

Divide By Zero

CWE-369

Overview

First reported 1 year ago

2023-07-17 20:15:00

Last updated 1 year ago

2023-07-28 13:22:00

Affected Software

Pixman

References

https://gitlab.freedesktop.org/pixman/pixman/-/issues/76

https://gitlab.freedesktop.org/pixman/pixman/-/issues/76

Exploit, Issue Tracking, Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.