Ubuntu Security Notice 1502-1 - Ken Mixter discovered a format string vulnerability in the LogVHdrMessageVerb function in xorg-server when handling input device names. This could allow a local attacker to cause a denial of service or possibly execute arbitrary code. The default compiler options for the affected release should reduce the vulnerability to a denial of service.
243a8325cf6cb68a4b306b912c804202fe4dda9c207c1b4d5321c2ec7f9d93e5