Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2023048

Product

CVSS Score

Original Date

Last Revised

InsydeH2O

7.5

2023-08-08

Summary

Upgrade FreeType Build Tool to version 2.13.0 which addressed following vulnerability. This vulnerability was withdrawn by its CNA.

Vulnerability Details

CVSS Vector: WITHDRAWN

Upgrade FreeType Build Tool to version 2.13.0 which addressed following vulnerability. This vulnerability was withdrawn by its CNA.

CVE-2023-2004
CVSS:7.5
Description: An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c.
(InsydeH2O is not affected by this vulnerability)

Solution Information

Kernel 5.2: Version 05.28.19
Kernel 5.3: Version 05.37.19
Kernel 5.4: Version 05.45.19
Kernel 5.5: Version 05.53.19
Kernel 5.6: Version 05.60.19

Acknowledgements

Revision History

Revision #

Date

Description

1

2023-08-08

Initial Release