Mandriva Linux Security Advisory 2015-119 - Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service. Olivier Fourdan from Red Hat has discovered a protocol handling issue in the way the X server code base handles the XkbSetGeometry request, where the server trusts the client to send valid string lengths. A malicious client with string lengths exceeding the request length can cause the server to copy adjacent memory data into the XKB structs. This data is then available to the client via the XkbGetGeometry request. This can lead to information disclosure issues, as well as possibly a denial of service if a similar request can cause the server to crash.
9a99ccedd34c67a048ace0a5867356eb6858bcbd1dc024890093acb3993ef4e1-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:119
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : x11-server
Date : March 29, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated x11-server packages fix security vulnerabilities:
Ilja van Sprundel of IOActive discovered several security issues in the
X.org X server, which may lead to privilege escalation or denial of
service (CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094,
CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098,
CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102).
Olivier Fourdan from Red Hat has discovered a protocol handling
issue in the way the X server code base handles the XkbSetGeometry
request, where the server trusts the client to send valid string
lengths. A malicious client with string lengths exceeding the
request length can cause the server to copy adjacent memory data
into the XKB structs. This data is then available to the client via
the XkbGetGeometry request. This can lead to information disclosure
issues, as well as possibly a denial of service if a similar request
can cause the server to crash (CVE-2015-0255).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255
http://advisories.mageia.org/MGASA-2014-0532.html
http://advisories.mageia.org/MGASA-2015-0073.html
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 2/X86_64:
d9de24245bf452fa208ce722ce58c0c4 mbs2/x86_64/x11-server-1.14.5-3.1.mbs2.x86_64.rpm
ef5ee1a16e59ffae7778412941fb93e4 mbs2/x86_64/x11-server-common-1.14.5-3.1.mbs2.x86_64.rpm
a27cff3cf97c4361132359441b13fd58 mbs2/x86_64/x11-server-devel-1.14.5-3.1.mbs2.x86_64.rpm
407b8d00033478227c18f2b6f9c7b387 mbs2/x86_64/x11-server-source-1.14.5-3.1.mbs2.noarch.rpm
6672056e57197215ab30be5763ce9422 mbs2/x86_64/x11-server-xdmx-1.14.5-3.1.mbs2.x86_64.rpm
864929bb7acad38a28cb8f126b440600 mbs2/x86_64/x11-server-xephyr-1.14.5-3.1.mbs2.x86_64.rpm
a29866186220c8f71eb18486a132ae57 mbs2/x86_64/x11-server-xfake-1.14.5-3.1.mbs2.x86_64.rpm
866e5323ec9efd6857e8ec83d3109ac2 mbs2/x86_64/x11-server-xfbdev-1.14.5-3.1.mbs2.x86_64.rpm
65906a705206237aab0303b5dd9358d8 mbs2/x86_64/x11-server-xnest-1.14.5-3.1.mbs2.x86_64.rpm
3840ccdf06db9d53914af96cee6e487d mbs2/x86_64/x11-server-xorg-1.14.5-3.1.mbs2.x86_64.rpm
8d9de7a9081ec613edac5e27b339af24 mbs2/x86_64/x11-server-xvfb-1.14.5-3.1.mbs2.x86_64.rpm
5bb951907ff0d8ae6087f812d8cf069b mbs2/SRPMS/x11-server-1.14.5-3.1.mbs2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVF7vNmqjQ0CJFipgRApeZAJoDcvfgKg1km5JKQz+iWRo/aZbCPgCg5PEC
rUnw2V62YoeD+/u29uMFLxs=
=0EhW
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed