Summary: | <x11-libs/libXfont-1.4.8 integer overflow, unchecked buffer (CVE-2014-{0209,0210,0211}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Chí-Thanh Christopher Nguyễn <chithanh> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | x11 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://lists.x.org/archives/xorg-announce/2014-May/002431.html | ||
Whiteboard: | A1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Chí-Thanh Christopher Nguyễn
2014-05-13 16:46:41 UTC
Arches, please stabilize x11-libs/libXfont-1.4.8 Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 Stable for HPPA. amd64 stable arm stable alpha stable ia64 stable ppc64 stable ppc stable sparc stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches, Thank you for your work Maintainer(s), please drop the vulnerable version. New GLSA Request filed. The vulnerable version has been removed from the tree. CVE-2014-0211 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0211): Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. CVE-2014-0210 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0210): Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function. CVE-2014-0209 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0209): Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata. This issue was resolved and addressed in GLSA 201406-11 at http://security.gentoo.org/glsa/glsa-201406-11.xml by GLSA coordinator Mikle Kolyada (Zlogene). |