Lucene search

K
centosCentOS ProjectCESA-2008:0029
HistoryJan 18, 2008 - 3:04 p.m.

XFree86 security update

2008-01-1815:04:04
CentOS Project
lists.centos.org
53

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.905 High

EPSS

Percentile

98.8%

CentOS Errata and Security Advisory CESA-2008:0029

XFree86 is an implementation of the X Window System, which provides the
core functionality for the Linux graphical desktop.

Two integer overflow flaws were found in the XFree86 server’s EVI and
MIT-SHM modules. A malicious authorized client could exploit these issues
to cause a denial of service (crash), or potentially execute arbitrary code
with root privileges on the XFree86 server. (CVE-2007-6429)

A heap based buffer overflow flaw was found in the way the XFree86 server
handled malformed font files. A malicious local user could exploit this
issue to potentially execute arbitrary code with the privileges of the
XFree86 server. (CVE-2008-0006)

A memory corruption flaw was found in the XFree86 server’s XInput
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash), or potentially execute arbitrary code with
root privileges on the XFree86 server. (CVE-2007-6427)

An information disclosure flaw was found in the XFree86 server’s TOG-CUP
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash), or potentially view arbitrary memory content
within the XFree86 server’s address space. (CVE-2007-6428)

An integer and heap overflow flaw were found in the X.org font server, xfs.
A user with the ability to connect to the font server could have been able
to cause a denial of service (crash), or potentially execute arbitrary code
with the permissions of the font server. (CVE-2007-4568, CVE-2007-4990)

A flaw was found in the XFree86 server’s XC-SECURITY extension, that could
have allowed a local user to verify the existence of an arbitrary file,
even in directories that are not normally accessible to that user.
(CVE-2007-5958)

Users of XFree86 are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-January/076780.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076781.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076788.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076789.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076795.html
https://lists.centos.org/pipermail/centos-announce/2008-January/076796.html
https://lists.centos.org/pipermail/centos-announce/2008-January/089556.html
https://lists.centos.org/pipermail/centos-announce/2008-January/089561.html

Affected packages:
XFree86
XFree86-100dpi-fonts
XFree86-75dpi-fonts
XFree86-ISO8859-14-100dpi-fonts
XFree86-ISO8859-14-75dpi-fonts
XFree86-ISO8859-15-100dpi-fonts
XFree86-ISO8859-15-75dpi-fonts
XFree86-ISO8859-2-100dpi-fonts
XFree86-ISO8859-2-75dpi-fonts
XFree86-ISO8859-9-100dpi-fonts
XFree86-ISO8859-9-75dpi-fonts
XFree86-Mesa-libGL
XFree86-Mesa-libGLU
XFree86-Xnest
XFree86-Xvfb
XFree86-base-fonts
XFree86-cyrillic-fonts
XFree86-devel
XFree86-doc
XFree86-font-utils
XFree86-libs
XFree86-libs-data
XFree86-sdk
XFree86-syriac-fonts
XFree86-tools
XFree86-truetype-fonts
XFree86-twm
XFree86-xauth
XFree86-xdm
XFree86-xfs

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0029

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.905 High

EPSS

Percentile

98.8%