CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
EPSS: 0.025 Low (Percentile: 90.1%)
Issue Overview:
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.
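The integer-overflow pattern described above, shown as an added example that is not libXfont's code and not part of the original advisory: a byte size derived from a count field in a reply wraps in 32-bit arithmetic, so the buffer is smaller than the data later written into it. The record size, function names and sample count are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REC_SIZE 12u /* constructed record size, not taken from libXfont */

/* Vulnerable pattern: the 32-bit product wraps for a large count. */
static uint32_t unsafe_alloc_size(uint32_t count)
{
    return count * REC_SIZE;
}

/* Hardened pattern: compute in 64 bits and reject a count that needs
 * more bytes than were actually received. Returns 0 on success. */
static int checked_alloc_size(uint32_t count, size_t received, size_t *out)
{
    uint64_t need = (uint64_t)count * REC_SIZE; /* cannot wrap in 64 bits */
    if (need > received) return -1;
    *out = (size_t)need;
    return 0;
}

/* Copy `count` records out of a reply payload; NULL if the count is bogus. */
static void *copy_records(const uint8_t *payload, size_t received,
                          uint32_t count, size_t *out_len)
{
    size_t need;
    if (checked_alloc_size(count, received, &need) != 0) return NULL;
    void *buf = malloc(need ? need : 1);
    if (buf == NULL) return NULL;
    memcpy(buf, payload, need);
    *out_len = need;
    return buf;
}

int main(void)
{
    uint8_t payload[64] = {0};      /* constructed reply payload */
    uint32_t claimed = 0x15555556u; /* constructed count field */
    size_t len = 0;
    printf("unsafe size: %u bytes\n", (unsigned)unsafe_alloc_size(claimed));
    void *p = copy_records(payload, sizeof payload, claimed, &len);
    printf("checked copy: %s\n", p ? "accepted" : "rejected");
    free(p);
    return 0;
}
```
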
Affected Packages:
libXfont
Issue Correction:
Run yum update libXfont to update your system.
New Packages:
i686:
libXfont-1.4.5-3.9.amzn1.i686
libXfont-devel-1.4.5-3.9.amzn1.i686
libXfont-debuginfo-1.4.5-3.9.amzn1.i686
src:
libXfont-1.4.5-3.9.amzn1.src
x86_64:
libXfont-1.4.5-3.9.amzn1.x86_64
libXfont-debuginfo-1.4.5-3.9.amzn1.x86_64
libXfont-devel-1.4.5-3.9.amzn1.x86_64
Red Hat: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211
Mitre: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | libxfont | < 1.4.5-3.9.amzn1 | libXfont-1.4.5-3.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | libxfont-devel | < 1.4.5-3.9.amzn1 | libXfont-devel-1.4.5-3.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | libxfont-debuginfo | < 1.4.5-3.9.amzn1 | libXfont-debuginfo-1.4.5-3.9.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | libxfont | < 1.4.5-3.9.amzn1 | libXfont-1.4.5-3.9.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | libxfont-debuginfo | < 1.4.5-3.9.amzn1 | libXfont-debuginfo-1.4.5-3.9.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | libxfont-devel | < 1.4.5-3.9.amzn1 | libXfont-devel-1.4.5-3.9.amzn1.x86_64.rpm |