CVE-2014-0210

Priority
Medium
Description
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before
1.4.99.901 allow remote font servers to execute arbitrary code via a
crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2)
fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5)
fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.
References
Notes
mdeslaur> trusty and later are built with --disable-fc, so this shouldn't
mdeslaur> be an issue. Adding patch anyway for completeness' sake.
Assigned-to
mdeslaur
Package
Upstream:released (1.4.8)
Ubuntu 10.04 LTS (Lucid Lynx):released (1:1.4.1-1ubuntu0.3)
Ubuntu 12.04 LTS (Precise Pangolin):released (1:1.4.4-1ubuntu0.2)
Ubuntu 12.10 (Quantal Quetzal):released (1:1.4.5-2ubuntu0.12.10.2)
Ubuntu 13.10 (Saucy Salamander):released (1:1.4.6-1ubuntu0.2)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1:1.4.7-1)
Ubuntu 14.10 (Utopic Unicorn):not-affected (1:1.4.7-1)
Patches:
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=891e084b26837162b12f841060086a105edde86d
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=cbb64aef35960b2882be721f4b8fbaa0fb649d12
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=491291cabf78efdeec8f18b09e14726a9030cc8f
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=a3f21421537620fc4e1f844a594a4bcd9f7e2bd8
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=520683652564c2a4e42328ae23eef9bb63271565
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5fa73ac18474be3032ee7af9c6e29deab163ea39
Upstream:http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d338f81df1e188eb16e1d6aeea7f4800f89c1218
More Information

Valid XHTML 1.0 Strict

Updated: 2014-05-16 03:14:42 UTC (commit 8064)