oss-sec mailing list archives
Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 08 Oct 2013 13:23:43 -0700
-------- Original Message --------Subject: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests
Date: Tue, 08 Oct 2013 13:20:16 -0700 From: Alan Coopersmith <alan.coopersmith () oracle com> Reply-To: xorg () lists freedesktop org To: xorg-announce () lists x org, xorg <xorg () lists freedesktop org>CC: X.Org Security Team <xorg-security () lists x org>, Pedro Ribeiro <pedrib () gmail com>
X.Org Security Advisory: October 8, 2013 - CVE-2013-4396 Use after free in Xserver handling of ImageText requests ======================================================== Description: ============ Pedro Ribeiro (pedrib () gmail com) reported an issue to the X.Org security team in which an authenticated X client can cause an X server to use memory after it was freed, potentially leading to crash and/or memory corruption. Affected Versions ================= This bug appears to have been introduced in RCS version 1.42 on 1993/09/18, and is thus believed to be present in every X server release starting with X11R6.0 up to the current xorg-server 1.14.3. (Manual inspection shows it is present in the sources from the X11R6 tarballs, but not in those from the X11R5 tarballs.) Fixes ===== A fix is available via the attached patch, which is intended to be included in xorg-server 1.15.0 and 1.14.4. Thanks ====== X.Org thanks Pedro Ribeiro for reporting this issues to our security team at xorg-security () lists x org. -- -Alan Coopersmith- alan.coopersmith () oracle com X.Org Security Response Team - xorg-security () lists x org
Attachment:
0001-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch
Description:
Current thread:
- Fwd: X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests Alan Coopersmith (Oct 08)