oss-sec mailing list archives
Re: CVE Request: xorg-server and pixman
From: Murray McAllister <mmcallis () redhat com>
Date: Wed, 04 Dec 2013 18:09:40 +1100
On 12/04/2013 03:32 PM, Kurt Seifried wrote:
On 12/03/2013 10:54 AM, Jamie Strandboge wrote:Hi,This bug has been public since August but I could find a CVE for it: https://launchpad.net/bugs/1197921There are two bugs - Xorg can be made to crash and pixman can trigger the aformentioned Xorg crash. A simplified reproducer is in the pixman patches with another reproducer in the Launchpad bug. The xorgxorg-server - exa: only draw valid trapezoids The patch was submitted in October but doesn't seem to be applied yet, so I'm CC'ing xorg_security. Patch references the pixman f.d.o bug, but doesn't seem to have an associated xorg bug. http://patchwork.freedesktop.org/patch/14769/ http://lists.x.org/archives/xorg-devel/2013-October/037996.htmlPixman - Corrupted CustomShape crashes Xorg https://bugs.freedesktop.org/show_bug.cgi?id=67484 Patch: - 5e14da97f16e421d084a9e735be21b1025150f0c (fix) - 2f876cf86718d3dd9b3b04ae9552530edafe58a1 (test case)Thanks!So only x.org crashes, you can trigger it via X.org, or via pixman? or is pixman also crashing?
From https://bugs.freedesktop.org/show_bug.cgi?id=67484 and
http://patchwork.freedesktop.org/patch/14769/ it sounded like it would affect both 1) crash an application using pixman 2) crash the X server Is that correct? -- Murray McAllister / Red Hat Security Response Team
Current thread:
- CVE Request: xorg-server and pixman Jamie Strandboge (Dec 03)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 03)
- Re: CVE Request: xorg-server and pixman Murray McAllister (Dec 03)
- Re: CVE Request: xorg-server and pixman Jamie Strandboge (Dec 04)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 04)
- Re: CVE Request: xorg-server and pixman Murray McAllister (Dec 03)
- Re: CVE Request: xorg-server and pixman Kurt Seifried (Dec 03)