Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges.
|Package||net-misc/tightvnc on all architectures|
|Affected versions||< 1.2.9-r4|
|Unaffected versions||>= 1.2.9-r4|
|Package||x11-libs/libXfont on all architectures|
|Affected versions||< 1.2.7-r1|
|Unaffected versions||>= 1.2.7-r1|
LibXfont is the X.Org font library. TightVNC is a VNC client/server for X displays.
The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected.
A local attacker could use a specially crafted BDF Font to gain root privileges on the vulnerable host.
There is no known workaround at this time.
All libXfont users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.7-r1"
All TightVNC users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tightvnc-1.2.9-r4"