Gentoo Linux Security Advisory 201504-6 - Multiple vulnerabilities have been found in X.Org X Server, allowing attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.12.4-r4 are affected.
02bfcf82733cc51a9e7242f086fd8e7f523654b1b9c474a9238aec3001352a0fMandriva Linux Security Advisory 2015-119 - Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service. Olivier Fourdan from Red Hat has discovered a protocol handling issue in the way the X server code base handles the XkbSetGeometry request, where the server trusts the client to send valid string lengths. A malicious client with string lengths exceeding the request length can cause the server to copy adjacent memory data into the XKB structs. This data is then available to the client via the XkbGetGeometry request. This can lead to information disclosure issues, as well as possibly a denial of service if a similar request can cause the server to crash.
9a99ccedd34c67a048ace0a5867356eb6858bcbd1dc024890093acb3993ef4e1Slackware Security Advisory - New xorg-server packages are available for Slackware 14.1 and -current to fix security issues.
a39862a25a5d7d308f9940d7a38d9a97d8b894971774c2778f7d822ac39ec1f9Red Hat Security Advisory 2014-1983-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges.
4134cd6f0552f1eb1400b783f6ac2383eeb1b8055ad51f10055d4c175deae1afRed Hat Security Advisory 2014-1982-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges.
478f070d556ff6738f2ac1014c8ee79908298350847ffa377f7e6050e494c65aUbuntu Security Notice 2438-1 - It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation.
fa484be0b21a40b843627bb8f7be06f9cef7750acfe2f8d5d2e6ee934774f33eDebian Linux Security Advisory 3095-1 - Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service.
ed1eb05fa57ccac0c93e9a85d88f065d5987699336294e614459974fe35a3110Ubuntu Security Notice 2436-1 - Ilja van Sprundel discovered a multitude of security issues in the X.Org X server. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation.
97deccba022aa2cc95bda1a026d6949fb81fdc208c22a7019aa4f37ecc4abd4a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed