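hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth in processing work via a run of consecutive marks: when attaching marks, each mark looks back past the preceding marks for its base glyph, so the total look-back cost grows quadratically with the length of the run. The practical risk is excessive CPU consumption when shaping untrusted text.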
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "199082770400909606321589194843450527664", "87419159144381551629992409665691100659", "316516650934869293814167978590599149972", "203275194265138133167303134542089474071" ] }, "id": "CVE-2023-25193-cb610f4e", "signature_type": "Line", "deprecated": false, "source": "https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc", "signature_version": "v1", "target": { "file": "src/hb-ot-layout-gsubgpos.hh" } } ] }