SecurityTracker.com

SecurityTracker Archives

Category:   Application (Generic)  >   libXfont
Vendors:   X.org
(CentOS Issues Fix) libXfont Font Processing Flaws Lets Local Users Deny Service or Gain Elevated Privileges
SecurityTracker Alert ID:  1033474
SecurityTracker URL:  http://securitytracker.com/id/1033474
CVE Reference:   CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
Date:  Sep 4 2015
Impact:   Denial of service via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   Several vulnerabilities were reported in libXfont. A local user can obtain elevated privileges on the target system.

A local user with access to the X server can cause the X server to read an arbitrary font file to trigger a memory corruption error and cause denial of service conditions or execute arbitrary code on the target system with the privileges of the X server (which may be root privileges on some systems).

An overflow may occur in bdfReadProperties() when processing the property count [CVE-2015-1802].

An invalid pointer error may cause a crash in bdfReadCharacters() [CVE-2015-1803].

An overflow may occur in bdfReadCharacters() [CVE-2015-1804].
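The property-count flaw described for bdfReadProperties() belongs to a general defect class: a count declared in the file sizes a buffer, but the loop that fills the buffer trusts what the file actually delivers rather than the count. The following is an added example, not libXfont's code and not derived from the X.org fix: a hypothetical, bounds-checked reader for the BDF STARTPROPERTIES block that shows the checks such a parser needs (the count validated before it sizes anything, every write compared against the declared count, and truncated input or an early or late ENDPROPERTIES reported as an error rather than tolerated). The type, function and constant names, the strict too-few policy and the 4096 cap are all invented here.

```c
/* Added example, not libXfont's code: a bounds-checked reader for the
 * STARTPROPERTIES ... ENDPROPERTIES block of a BDF font. The count in the
 * header sizes the property array; a parser that then copies every line up
 * to ENDPROPERTIES without comparing against that count writes past the
 * array when the file lists more properties than it declared. This version
 * rejects such input. Every name and limit here is invented for the example. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BDF_MAX_PROPERTIES 4096  /* example sanity cap on the declared count */
#define BDF_MAX_LINE 256

enum bdf_status {
    BDF_OK = 0,
    BDF_ERR_NO_HEADER,  /* first line is not STARTPROPERTIES */
    BDF_ERR_BAD_COUNT,  /* count missing, negative or above the cap */
    BDF_ERR_TOO_MANY,   /* more property lines than declared */
    BDF_ERR_TOO_FEW,    /* ENDPROPERTIES before the declared count was reached */
    BDF_ERR_TRUNCATED,  /* input ended without ENDPROPERTIES */
    BDF_ERR_NOMEM
};

struct bdf_prop  { char name[BDF_MAX_LINE]; char value[BDF_MAX_LINE]; };
struct bdf_props { size_t count; struct bdf_prop *items; };

/* Copy the next line (newline stripped, truncated to cap) and advance; 0 at end of input. */
static int next_line(const char **cur, char *line, size_t cap)
{
    const char *p = *cur, *nl;
    size_t len;
    if (*p == '\0') return 0;
    nl = strchr(p, '\n');
    len = nl ? (size_t)(nl - p) : strlen(p);
    if (len >= cap) len = cap - 1;
    memcpy(line, p, len);
    line[len] = '\0';
    *cur = nl ? nl + 1 : p + strlen(p);
    return 1;
}

enum bdf_status bdf_read_properties(const char *text, struct bdf_props *out)
{
    char line[BDF_MAX_LINE], *end, *sp;
    const char *cur = text;
    struct bdf_prop *items;
    long declared;
    size_t n = 0;

    out->count = 0; out->items = NULL;
    if (!next_line(&cur, line, sizeof line) || strncmp(line, "STARTPROPERTIES", 15) != 0)
        return BDF_ERR_NO_HEADER;

    /* Validate the declared count before it sizes anything. */
    errno = 0;
    declared = strtol(line + 15, &end, 10);
    if (end == line + 15 || errno != 0 || declared < 0 || declared > BDF_MAX_PROPERTIES)
        return BDF_ERR_BAD_COUNT;

    /* calloc also guards the count * sizeof multiplication against overflow. */
    items = calloc((size_t)declared, sizeof *items);
    if (declared > 0 && items == NULL) return BDF_ERR_NOMEM;

    while (next_line(&cur, line, sizeof line)) {
        if (strcmp(line, "ENDPROPERTIES") == 0) {
            if (n != (size_t)declared) { free(items); return BDF_ERR_TOO_FEW; }
            out->count = n; out->items = items;
            return BDF_OK;
        }
        /* The check the defect class lacks: slot n exists only while n < declared. */
        if (n >= (size_t)declared) { free(items); return BDF_ERR_TOO_MANY; }
        sp = strchr(line, ' ');                 /* "NAME value"; the value may be absent */
        if (sp) *sp = '\0';
        snprintf(items[n].name, sizeof items[n].name, "%s", line);
        snprintf(items[n].value, sizeof items[n].value, "%s", sp ? sp + 1 : "");
        n++;
    }
    free(items);
    return BDF_ERR_TRUNCATED;
}

void bdf_free_properties(struct bdf_props *p) { free(p->items); p->items = NULL; p->count = 0; }

/* Wrappers for callers that only need the verdict: status, or stored count (-1 on error). */
int bdf_check(const char *text)
{
    struct bdf_props p;
    int st = bdf_read_properties(text, &p);
    bdf_free_properties(&p);
    return st;
}

int bdf_property_count(const char *text)
{
    struct bdf_props p;
    int st = bdf_read_properties(text, &p);
    int n = (int)p.count;
    bdf_free_properties(&p);
    return st == BDF_OK ? n : -1;
}
```

Feeding `bdf_check` a constructed block that declares one property but lists two (`"STARTPROPERTIES 1\nFONT_ASCENT 8\nFONT_DESCENT 2\nENDPROPERTIES\n"`) returns `BDF_ERR_TOO_MANY` instead of writing a second entry into a one-entry array; the same block with a matching count returns `BDF_OK` and `bdf_property_count` reports 2. The two checks that matter for the defect class are the range test on `declared` before `calloc` and the `n >= declared` test before each write; the rest is ordinary parsing.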

Ilja van Sprundel of IOActive, Alan Coopersmith of Oracle, and William Robinet of Conostix reported these vulnerabilities.

Impact:   A local user can obtain elevated privileges on the target system.

A local user can cause the X server to crash.

Solution:   CentOS has issued a fix.

CentOS 6:

i386:
9856558ad51e2b739b307e54519434fd091a7eef0a3380d8e08f6bda984dbc09 libXfont-1.4.5-5.el6_7.i686.rpm
69cab9290745e4e7ab1397803e3dbb53457ab6c7e72562c6bd47433e8ecea3d6 libXfont-devel-1.4.5-5.el6_7.i686.rpm

x86_64:
9856558ad51e2b739b307e54519434fd091a7eef0a3380d8e08f6bda984dbc09 libXfont-1.4.5-5.el6_7.i686.rpm
53017e8cf13ca169a02574c9a7584ba84672006feafd56d9b5c6d5c7b4a7d49c libXfont-1.4.5-5.el6_7.x86_64.rpm
69cab9290745e4e7ab1397803e3dbb53457ab6c7e72562c6bd47433e8ecea3d6 libXfont-devel-1.4.5-5.el6_7.i686.rpm
2f3223fae18bd8b870f69e5fc5c7c111f72c7efdf590b4775617377dfe91916d libXfont-devel-1.4.5-5.el6_7.x86_64.rpm

Source:
ed249a9a95d6ba4b7069956b24cb09135989b128ea48c52ad705e36962e4af99 libXfont-1.4.5-5.el6_7.src.rpm

CentOS 7:

x86_64:
d0c7cd0ab4dc74e06f81eea25702ae372b5185314cc740de0bfd4c1467e23572 libXfont-1.4.7-3.el7_1.i686.rpm
56c8af2cd14daecb5c232fc1857d9ff24392bdace0b749be37802393fcd22272 libXfont-1.4.7-3.el7_1.x86_64.rpm
db382660e3e64a5576d5063fa19954eb957b82d3d2e32baf19eb0c26d4f704eb libXfont-devel-1.4.7-3.el7_1.i686.rpm
ae204ce0915b0846d92f0464c84260e7486410565dc8f13bf75f350bb6a7011e libXfont-devel-1.4.7-3.el7_1.x86_64.rpm

Source:
e06340a5791527201c75f63c1646b8e1f913c8ec56ef5ac93b83bbb43ff910d6 libXfont-1.4.7-3.el7_1.src.rpm

Cause:   Access control error, Boundary error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6, 7

Message History:   This archive entry is a follow-up to the message listed below.
Mar 17 2015 libXfont Font Processing Flaws Lets Local Users Deny Service or Gain Elevated Privileges



 Source Message Contents

Subject:  [CentOS-announce] CESA-2015:1708 Important CentOS 7 libXfont Security Update


CentOS Errata and Security Advisory 2015:1708 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1708.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
d0c7cd0ab4dc74e06f81eea25702ae372b5185314cc740de0bfd4c1467e23572  libXfont-1.4.7-3.el7_1.i686.rpm
56c8af2cd14daecb5c232fc1857d9ff24392bdace0b749be37802393fcd22272  libXfont-1.4.7-3.el7_1.x86_64.rpm
db382660e3e64a5576d5063fa19954eb957b82d3d2e32baf19eb0c26d4f704eb  libXfont-devel-1.4.7-3.el7_1.i686.rpm
ae204ce0915b0846d92f0464c84260e7486410565dc8f13bf75f350bb6a7011e  libXfont-devel-1.4.7-3.el7_1.x86_64.rpm

Source:
e06340a5791527201c75f63c1646b8e1f913c8ec56ef5ac93b83bbb43ff910d6  libXfont-1.4.7-3.el7_1.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2022, SecurityGlobal.net LLC