{"id":"CVE-2017-11464","details":"A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.","modified":"2026-07-08T11:49:28.772947Z","published":"2017-07-19T21:29:00.197Z","related":["SUSE-SU-2017:2117-1","openSUSE-SU-2024:10986-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/99956"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html"},{"type":"WEB","url":"https://usn.ubuntu.com/4436-1/"},{"type":"REPORT","url":"https://bugzilla.gnome.org/show_bug.cgi?id=783835"},{"type":"FIX","url":"https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"FIX","url":"https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/librsvg","events":[{"introduced":"f4cf9aca144eeda8f441f839881bcbd492529002"},{"last_affected":"f4cf9aca144eeda8f441f839881bcbd492529002"},{"fixed":"ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"}],"database_specific":{"source":["CPE_STRING","REFERENCES"],"extracted_events":[{"introduced":"2.40.17"},{"last_affected":"2.40.17"}],"cpe":"cpe:2.3:a:gnome:librsvg:2.40.17:*:*:*:*:*:*:*"}}],"versions":["2.40.17"],"database_specific":{"vanir_signatures_modified":"2026-07-08T11:49:28Z","vanir_signatures":[{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["60710757765042846072452963898315618095","81260221110783572576927806438717161855","287741113869909529612899174918313465550","260269830588127276579239904639252216220","271919613184680644970865977288842949543","246686619793903000549094537293056569659","333848912678487153469182658722756863527","46477267391596318075153474765805612706","108157836319644259159162778449093533869","297219754582390609361279564228753198207","176682382039225235177199854706792212973","65639977433304009880378936341933579960","4575917603576060409660513994630108673","299226572798831544891234881543592226228","38248917887221310127579179192707040202","181695919477162480657695002558378404689","333551738086001108360925952947498495309","288987956424050598615177992042407208044","39829462587944474158032638248929622032","260216527266713660903957231831411670895","238533111514560442674895364655264063808","12403177967334019117040563182884082994"]},"id":"CVE-2017-11464-1042029f","target":{"file":"rsvg-filter.c"},"source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","signature_version":"v1","deprecated":false},{"signature_type":"Function","digest":{"function_hash":"161871756992978402804585812170458726280","length":1806},"id":"CVE-2017-11464-cd2c1adf","target":{"file":"rsvg-filter.c","function":"box_blur_line"},"source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","signature_version":"v1","deprecated":false},{"signature_type":"Function","digest":{"function_hash":"178831317672766392428689827288743486572","length":2858},"id":"CVE-2017-11464-dceb298a","target":{"file":"rsvg-filter.c","function":"gaussian_blur_surface"},"source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","signature_version":"v1","deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11464.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/librsvg","events":[{"introduced":"f4cf9aca144eeda8f441f839881bcbd492529002"},{"last_affected":"f4cf9aca144eeda8f441f839881bcbd492529002"}],"database_specific":{"source":"CPE_STRING","extracted_events":[{"introduced":"2.40.17"},{"last_affected":"2.40.17"}],"cpe":"cpe:2.3:a:gnome:librsvg:2.40.17:*:*:*:*:*:*:*"}}],"versions":["2.40.17"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11464.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}