In association with heise online

10 January 2007, 12:21

Update fixes multiple vulnerabilities in X.Org server


The developers of X.Org have indicated that there are a number of bugs in their X server that could allow system memory to be overwritten with external data. In the initial reports from iDefense, the discoverers of the vulnerabilities, it wasn't clear whether they could be used to inject code and execute commands. Now, according to iDefense, XFree86's X server is affected in addition to X.Org's. The vulnerabilities apparently allow malicious code to be injected and executed with root privileges. In order to send prepared packets to the X server, however, an attacker must have access to a console or a user account. The root of the problems is integer overflows in the ProcDbeGetVisualInfo, ProcDbeSwapBuffer and ProcRenderAddGlyphs functions when processing prepared client requests to the DBE and Render extensions. Such requests can be made either from a local application or over the network, but the client must be authenticated.
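The bug class described above, as an added illustration in C that is not X.Org's code: a hypothetical request handler derives its allocation size from a client-supplied 32-bit count, shown first with the unchecked multiplication and then with the overflow and length-consistency checks a fix adds (ENTRY_SIZE, the function names and the request layout are assumptions).

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical extension request: the client sends a 32-bit 'count'
 * and the server allocates count entries of ENTRY_SIZE bytes. This is
 * a constructed model of the bug class, not X.Org's real structures. */
#define ENTRY_SIZE 8u   /* assumed size of one server-side entry */

/* Vulnerable pattern: the size is computed in 32-bit arithmetic, so a
 * large client-supplied count wraps to a small value. The server then
 * allocates a small buffer, and the loop that later fills 'count'
 * entries writes far past its end. */
uint32_t vulnerable_size(uint32_t count)
{
    return count * ENTRY_SIZE;          /* wraps modulo 2^32 */
}

/* Hardened pattern: (1) the multiplication must be representable in
 * size_t, and (2) the claimed count must be consistent with the bytes
 * the client actually sent (request_bytes = body length on the wire),
 * so a request claiming more entries than it carries is rejected before
 * any memory is touched. Returns 1 and fills *bytes on success, 0 when
 * the request must be rejected (the X server would answer BadLength or
 * BadAlloc at this point). */
int checked_size(uint32_t count, size_t request_bytes, size_t *bytes)
{
    size_t need;
    if (count > SIZE_MAX / ENTRY_SIZE)  /* product would overflow */
        return 0;
    need = (size_t)count * ENTRY_SIZE;
    if (need > request_bytes)           /* claims more data than sent */
        return 0;
    *bytes = need;
    return 1;
}
```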

All versions of the X.Org X server that support these extensions are affected. An update fixes the problem. Because most Linux distributions use the X.Org server, Linux distribution updates can also be expected shortly. According to the bug report, X servers other than X.Org's may also be affected if they are based on the X11R6 sample implementation.
