LibXfont, monolithic X.org: Multiple integer overflows

2006-09-13T00:00:00
ID GLSA-200609-07
Type gentoo
Reporter Gentoo Foundation
Modified 2006-09-13T00:00:00

Description

Background

libXfont is the X.Org Xfont library, some parts are based on the FreeType code base.

Description

Several integer overflows have been found in the CID font parser.

Impact

A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the execution of arbitrary code with the permissions of the user running the X server which typically is the root user. A local user could exploit this vulnerability to gain elevated privileges.

Workaround

Disable CID-encoded Type 1 fonts by removing the "type1" module and replacing it with the "freetype" module in xorg.conf.

Resolution

All libXfont users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.1"

All monolithic X.org users are advised to migrate to modular X.org.