
libxfont: privilege escalation

Package(s): libxfont
CVE #(s): CVE-2013-6462
Created: January 8, 2014
Updated: January 29, 2014
Description: From the X.Org advisory:

Scanning of the libXfont sources with the cppcheck static analyzer included a report of:

  [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
      scanf without field width limits can crash with huge input data.

Evaluation of this report by X.Org developers concluded that a BDF font file containing a longer than expected string could overflow the buffer on the stack. Testing in X servers built with Stack Protector resulted in an immediate crash when reading a user-provided specially crafted font.

As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.
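The following is an added illustration of the defect class the advisory describes, written for this page and not taken from libXfont: a `scanf`-family conversion with no field width copies an attacker-controlled token into a fixed-size stack buffer, and the hardened form limits the conversion width and rejects tokens that would not fit. The `STARTCHAR` keyword, the `NAME_MAX` buffer size, the function names and the sample lines are assumptions made for the example, not details from the advisory.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed buffer size for a glyph name (assumption, not libXfont's value). */
#define NAME_MAX 100
#define STR_(x) #x
#define STR(x) STR_(x)

/* Vulnerable pattern: "%s" has no field width, so a token longer than
 * NAME_MAX - 1 bytes writes past the end of `name` on the caller's stack.
 * Kept here only for contrast; never call it on untrusted input. */
int parse_startchar_unsafe(const char *line, char name[NAME_MAX])
{
    return sscanf(line, "STARTCHAR %s", name) == 1 ? 0 : -1;
}

/* Hardened pattern: the width limit bounds the write, and the scratch buffer
 * is one byte larger than the target so that an over-long token is detected
 * (it fills all NAME_MAX bytes) instead of being silently truncated. */
int parse_startchar_safe(const char *line, char name[NAME_MAX])
{
    char tmp[NAME_MAX + 1];

    /* "%100s" reads at most NAME_MAX non-whitespace bytes plus a NUL. */
    if (sscanf(line, "STARTCHAR %" STR(NAME_MAX) "s", tmp) != 1)
        return -1;                      /* keyword missing or no token */
    if (strlen(tmp) > NAME_MAX - 1)
        return -1;                      /* token too long for `name`: reject */

    strcpy(name, tmp);                  /* fits by the check above */
    return 0;
}

/* Constructed demo inputs; each returns 1 when the parser behaves as intended. */
int demo_short_line_ok(void)
{
    char name[NAME_MAX];
    return parse_startchar_safe("STARTCHAR uni0041", name) == 0
        && strcmp(name, "uni0041") == 0;
}

int demo_overlong_rejected(void)
{
    char line[sizeof("STARTCHAR ") + 300];
    char name[NAME_MAX];

    strcpy(line, "STARTCHAR ");
    memset(line + 10, 'A', 300);        /* 300-byte glyph name, far over NAME_MAX */
    line[310] = '\0';
    return parse_startchar_safe(line, name) == -1;
}

int demo_unsafe_short_ok(void)
{
    char name[NAME_MAX];
    /* The unsafe parser behaves identically on well-formed input, which is
     * why static analysis, not testing with normal fonts, caught the defect. */
    return parse_startchar_unsafe("STARTCHAR uni0041", name) == 0
        && strcmp(name, "uni0041") == 0;
}

int main(void)
{
    printf("short line parsed:      %d\n", demo_short_line_ok());
    printf("overlong name rejected: %d\n", demo_overlong_rejected());
    printf("unsafe on short input:  %d\n", demo_unsafe_short_ok());
    return 0;
}
```

The width limit alone is what stops the stack write; the extra scratch byte and the length check turn silent truncation into an explicit parse failure, so a font with an over-long name is refused rather than loaded with a mangled glyph name. Building the server with a stack protector, as the advisory notes, converts the overflow into a crash but does not remove the need for the bound.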

Alerts:
Fedora FEDORA-2015-3948 nx-libs 2015-03-26
Fedora FEDORA-2015-3964 nx-libs 2015-03-26
Gentoo 201402-23 libXfont 2014-02-21
Fedora FEDORA-2014-0467 libXfont 2014-01-29
Mandriva MDVSA-2014:013 libxfont 2014-01-21
Mageia MGASA-2014-0020 libxfont 2014-01-21
openSUSE openSUSE-SU-2014:0073-1 libXfont 2014-01-15
openSUSE openSUSE-SU-2014:0075-1 libXfont 2014-01-15
Slackware SSA:2014-013-01 libXfont 2014-01-13
Oracle ELSA-2014-0018 libXfont 2014-01-10
Fedora FEDORA-2014-0443 libXfont 2014-01-11
Scientific Linux SLSA-2014:0018-1 libXfont 2014-01-10
CentOS CESA-2014:0018 libXfont 2014-01-10
Red Hat RHSA-2014:0018-01 libXfont 2014-01-10
Ubuntu USN-2078-1 libxfont 2014-01-07
Debian DSA-2838-1 libxfont 2014-01-07



Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds