Stack Buffer Overflow Vulnerability in Windows and Linux - BestCyberNews: Online News Presenter in the present world


Stack Buffer Overflow Vulnerability in Windows and Linux

A stack buffer overflow vulnerability has been found in the X Window System and Linux systems: a BDF font file containing a longer than expected string could overflow the buffer on the stack.


This vulnerability was discovered by researchers of the X.Org team. The X.Org project provides an open source implementation of the X Window System. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work.

According to X.Org, the stack buffer overflow is in the parsing of BDF font files in libXfont. Scanning of the libXfont sources with the cppcheck static analyzer included a report of:

       [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)

X.Org developers concluded that a BDF font file containing a longer than expected string could overflow the buffer on the stack. Testing in X servers built with Stack Protector resulted in an immediate crash when reading a user-provided specially crafted font.
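The class of bug described above, as an added example that is not libXfont's code or its patch: a string conversion without a field width beside a bounded version that rejects over-long input. The use of BDF's `STARTCHAR` line, the 99-byte limit and all function names are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GLYPH_NAME_LEN 99                 /* constructed limit for this example */
#define STR_(x) #x
#define STR(x) STR_(x)

/* Unbounded pattern: %s copies until whitespace, however long the token is,
 * so the font file, not the parser, decides how many bytes are written. */
int parse_name_unbounded(const char *line, char out[GLYPH_NAME_LEN + 1])
{
    return sscanf(line, "STARTCHAR %s", out) == 1 ? 0 : -1;
}

/* Bounded pattern: the field width caps the copy at GLYPH_NAME_LEN bytes plus
 * the NUL. %n reports where the scan stopped, so an over-long name is
 * rejected instead of being silently truncated. */
int parse_name_bounded(const char *line, char out[GLYPH_NAME_LEN + 1])
{
    int end = 0;
    out[0] = '\0';
    if (sscanf(line, "STARTCHAR %" STR(GLYPH_NAME_LEN) "s%n", out, &end) != 1)
        return -1;                        /* not a STARTCHAR line */
    if (line[end] != '\0' && !strchr(" \t\r\n", line[end])) {
        out[0] = '\0';
        return -2;                        /* name exceeds the limit */
    }
    return 0;
}

/* Constructed input: a STARTCHAR line whose name is n bytes of 'A'. */
int check_name_of_length(size_t n)
{
    char line[512] = "STARTCHAR ";
    char name[GLYPH_NAME_LEN + 1];
    if (n > sizeof line - strlen(line) - 2)
        return -3;                        /* would not fit in line[] */
    memset(line + strlen(line), 'A', n);  /* rest of line[] is already zero */
    return parse_name_bounded(line, name);
}

int main(void)
{
    printf("name of 99 bytes  -> %d\n", check_name_of_length(99));
    printf("name of 300 bytes -> %d\n", check_name_of_length(300));
    return 0;
}
```

Building with `-fstack-protector-strong` turns a remaining overflow of this kind into an immediate abort, matching the crash the X.Org developers saw in Stack Protector builds.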

This bug affects the initial RCS version 1.1, checked in on 1991/05/10, and every X11 release starting with X11R5 up to the current libXfont 1.4.6.

A fix is available via the attached patch, which is also included in libXfont 1.4.7, released and available now.


Author: Venkatesh Yalagandula
