[Bug 1203718] New: CVE-2015-1803 libXfont: crash on invalid read in bdfReadCharacters
bugzilla at redhat.com
Thu Mar 19 14:11:21 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1203718
Bug ID: 1203718
Summary: CVE-2015-1803 libXfont: crash on invalid read in bdfReadCharacters
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team at redhat.com
Reporter: mprpic at redhat.com
CC: btissoir at redhat.com,
fonts-bugs at lists.fedoraproject.org,
sandmann at redhat.com
If the BDF parser failed to parse the data for the bitmap for any character, it
would proceed with an invalid pointer to the bitmap data and later crash when
trying to read the bitmap from that pointer.
A local user could exploit this issue to crash the X.Org server.
Upstream advisory:
http://seclists.org/oss-sec/2015/q1/865
Upstream patch:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=78c2e3d70d29698244f70164428bd2868c0ab34c
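The defensive pattern for the bug class described in this report, as an added example that is neither libXfont's code nor the upstream patch: a bitmap reader that reports failure and leaves no usable pointer behind, and a caller that propagates that status. The `glyph_t` type, the function names and the sample inputs are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical glyph record; not libXfont's own structure. */
typedef struct { int width, height; uint8_t *bits; } glyph_t;

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}

/* Parse `height` rows of hex bitmap data, one row per '\n'-terminated line.
 * Returns 1 on success. On any failure returns 0 with g->bits == NULL, so no
 * caller is left holding a pointer to freed or half-filled memory. */
int read_bitmap(glyph_t *g, const char *src) {
    g->bits = NULL;
    if (g->width <= 0 || g->height <= 0) return 0;
    size_t row_bytes = ((size_t)g->width + 7) / 8;
    uint8_t *buf = calloc((size_t)g->height, row_bytes);
    if (!buf) return 0;
    for (int r = 0; r < g->height; r++) {
        for (size_t b = 0; b < row_bytes; b++) {
            int hi = hexval((unsigned char)src[0]);
            int lo = hi < 0 ? -1 : hexval((unsigned char)src[1]);
            if (lo < 0) { free(buf); return 0; }  /* short or non-hex row */
            buf[(size_t)r * row_bytes + b] = (uint8_t)(hi << 4 | lo);
            src += 2;
        }
        if (*src == '\n') src++;
        else if (*src != '\0' || r != g->height - 1) { free(buf); return 0; }
    }
    g->bits = buf;
    return 1;
}

/* The status is returned, not dropped: a caller must stop on 0. */
int load_glyph(glyph_t *g, int w, int h, const char *src) {
    g->width = w; g->height = h;
    return read_bitmap(g, src);
}
int main(void) {
    glyph_t g;
    int ok = load_glyph(&g, 8, 2, "FF\nZZ\n");  /* constructed malformed input */
    printf("loaded=%d bits=%p\n", ok, (void *)g.bits);
    return 0;
}
```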