(RHSA-2008:0504) Important: xorg-x11-server security update

2008-06-11T04:00:00
ID RHSA-2008:0504
Type redhat
Reporter RedHat
Modified 2017-09-08T12:20:18

Description

X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon.

An input validation flaw was discovered in X.org's Security and Record extensions. A malicious authorized client could exploit this issue to cause a denial of service (crash) or, potentially, execute arbitrary code with root privileges on the X.Org server. (CVE-2008-1377)

Multiple integer overflow flaws were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or, potentially, execute arbitrary code with root privileges on the X.Org server. (CVE-2008-2360, CVE-2008-2361, CVE-2008-2362)

An input validation flaw was discovered in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory. This could result in the sensitive data of other users of the X.org server being disclosed. (CVE-2008-1379)

Users of xorg-x11-server should upgrade to these updated packages, which contain backported patches to resolve these issues.