VYPR
High severity · 7.5 · NVD Advisory · Published Jan 29, 2026 · Updated Apr 15, 2026

CVE-2020-37011

Description

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to cause an infinite malloc() loop and potentially crash the gnome-font-viewer process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Gnome Fonts Viewer 3.34.0 heap corruption allows denial of service via crafted TTF file.

Vulnerability

Gnome Fonts Viewer (gnome-font-viewer) 3.34.0 contains a heap corruption vulnerability in its handling of TrueType font files. The root cause is an out-of-bounds write (CWE-787) triggered by a specially crafted TTF file with an oversized pattern, leading to an infinite malloc() loop [2][3].

Exploitation

Exploitation requires the attacker to supply a malicious TTF file to the target user. No authentication or special network position is needed; the user only needs to open the file with Gnome Fonts Viewer. The provided exploit code demonstrates a file with repeated 'BEEF' patterns causing uncontrolled memory allocation [2].

Impact

Successful exploitation results in uncontrolled memory consumption, causing the gnome-font-viewer process to crash or hang. In extreme cases, this could lead to system instability or denial of service for the user session. No remote code execution is reported, but the heap corruption may allow further exploitation [3].

Mitigation

As of the latest available information, no official patch has been released for this vulnerability. Users should avoid opening untrusted font files with Gnome Fonts Viewer. The Fonts app (version 50.0) may contain fixes, but the vulnerable version 3.34.0 remains at risk [2][3].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
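Since the mitigation above comes down to not opening untrusted font files, the following added example (not code from the advisory, its references, or the GNOME project) shows a structural pre-check that can be run on a .ttf file before it is handed to a viewer. It validates only the sfnt header and table directory against the file size and makes no claim to detect the specific defect behind this CVE. The names `check_sfnt`, `build_font` and `MAX_TABLES` are assumptions, and the sample inputs are constructed, not the referenced proof of concept.

```python
import struct

# sfnt version tags accepted for single-font files (TrueType / OpenType CFF).
SFNT_VERSIONS = {b"\x00\x01\x00\x00", b"OTTO", b"true", b"typ1"}
MAX_TABLES = 256  # assumed triage limit; real fonts carry a few dozen tables


def check_sfnt(data):
    """Return a list of structural problems; empty means the header and
    table directory are consistent with the file size."""
    if len(data) < 12:
        return ["file shorter than the 12-byte sfnt header"]
    problems = []
    version, num_tables = struct.unpack(">4sH", data[:6])
    if version not in SFNT_VERSIONS:
        problems.append(f"unknown sfnt version {version!r}")
    if not 0 < num_tables <= MAX_TABLES:
        return problems + [f"implausible table count {num_tables}"]
    dir_end = 12 + 16 * num_tables  # 16-byte record per table
    if dir_end > len(data):
        return problems + ["table directory runs past end of file"]
    for i in range(num_tables):
        tag, _checksum, offset, length = struct.unpack_from(
            ">4sIII", data, 12 + 16 * i)
        # A table must start after the directory and end inside the file.
        if offset < dir_end or offset + length > len(data):
            problems.append(
                f"table {tag!r}: offset {offset} + length {length} "
                f"outside file of {len(data)} bytes")
    return problems


def build_font(offset, length, body=b"\x00" * 4):
    """Constructed one-table font: 12-byte header, one record, 4-byte body."""
    header = struct.pack(">4sHHHH", b"\x00\x01\x00\x00", 1, 16, 0, 0)
    record = struct.pack(">4sIII", b"head", 0, offset, length)
    return header + record + body


# Constructed samples (illustrative only).
GOOD = build_font(28, 4)                 # table fits exactly in the file
OVERSIZED = build_font(28, 0xFFFFFFFF)   # declared length far beyond EOF
PATTERN = b"BEEF" * 64                   # repeated filler, no valid header

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("oversized", OVERSIZED),
                       ("pattern", PATTERN)):
        print(name, check_sfnt(blob) or "ok")
```

A file that passes this check can still be malicious; the check only filters out inputs whose declared sizes and offsets disagree with the file itself.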

Patches

No patches discovered yet.
