Some buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges.
Package | x11-libs/libXfont on all architectures |
---|---|
Affected versions | < 1.2.1 |
Unaffected versions | >= 1.2.1 |
Package | x11-base/xorg-x11 on all architectures |
---|---|
Affected versions | < 7.0 |
Unaffected versions | >= 7.0 |
libXfont is the X.Org Xfont library, some parts are based on the FreeType code base.
Several integer overflows have been found in the CID font parser.
A remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the execution of arbitrary code with the permissions of the user running the X server which typically is the root user. A local user could exploit this vulnerability to gain elevated privileges.
Disable CID-encoded Type 1 fonts by removing the "type1" module and replacing it with the "freetype" module in xorg.conf.
All libXfont users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.1"
All monolithic X.org users are advised to migrate to modular X.org.
Release date
September 13, 2006
Latest revision
September 13, 2006: 01
Severity
high
Exploitable
local and remote
Bugzilla entries