In association with heise online

12 June 2008, 11:44

Several holes closed in's X server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of, the X Windows implementation have released version 1.4.2 of its X server ,which closes five security holes. A user logged on to a system can exploit these holes to crash X server or elevate their access privileges on the system. Since X servers usually run with root privileges, attackers have full access to the system. If the vulnerable X server system also allows access via the internet, the vulnerabilities can be exploited remotely.

The problems stem from three integer overflows in the RENDER extension, one of which can be exploited to create a heap overflow. A memory error occurs as a result of specially crafted requests to the RECORD and security extension. A further integer overflow in the MIT shared memory extension makes it possible to read arbitrary parts of the X server memory. According to the security advisory, all versions prior to 1.4.2 are affected, although many users may not even have activated the affected extensions on their systems. If possible, as an alternative to the update, the developers recommend simply deactivating the vulnerable extensions. To do this, change the entries in /etc/X11/xorg.conf as follows:

Section "Extensions"
Option "MIT-SHM" "disable"
Option "RENDER" "disable"
Option "SECURITY" "disable"

Section "Module"
Disable "record"

Along with the update, patches are also available for download. Linux distributors and vendors of other operating systems are also expected to deliver updated packages soon.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit