Fw: X.Org Foundation Official Security Advisory: All X Window System Releases Through X11R6.8.2. - 12 September 2005

Chad R. Kittel v3rt1g0 at lunar-linux.org
Mon Sep 19 12:13:01 UTC 2005


Begin forwarded message:

Date: Mon, 19 Sep 2005 07:23:02 -0400 (EDT)
From: Leon Shiman <leon at magic.shiman.com>
To: xf_members at x.org, xorg at lists.freedesktop.org
Subject: X.Org Foundation Official Security Advisory: All X Window
System Releases Through X11R6.8.2. - 12 September 2005


              X.Org Foundation SECURITY ADVISORY
	      ==================================

Brookline MA, September 12, 2005 - X.Org has been made aware of a
possible security vulnerability in the XCreatePixmap function of
the X Server, which is shipped as part of the X Window System. 
The affected code is used to create and reserve memory for a
new pixmap in the X Server.


Due to missing range checks for the pixel size of the pixmap, subsequent
pixmap read/write functions can access memory outside of the allocated
pixmap. This can be triggered by any X client that can connect to the
affected X server, so any user with access to the server can read or
write memory that is accessible from within the X server and/or crash
the server.

The CVE number for these vulnerabilities is CAN-2005-2495. 
Please check also:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495

X.Org has tracked this issue in:
  https://bugs.freedesktop.org/show_bug.cgi?id=594

This advisory affects all known versions and releases of the 
X Window System whether from X.Org or other vendors. 

Therefore users are strongly recommended to upgrade.


A fix is available under:
  http://www.x.org/pub/X11R6.8.2/patches/xorg-CAN-2005-2495.patch

All future versions of X.Org will have this security vulnerability
fixed. Vendors shipping releases of the X Window System have been
informed and will provide updates for their software.

The X.Org Foundation would like to thank Luke Hutchinson for
identifying the security exploit as well as Soeren Sandmann for
investigating the issue and providing a patch.



			---------------

For questions, contact: Leon Shiman, Secretary, The XOrg Foundation, at:

Shiman Associates Inc
(00)1.617.277.0087
leon at shiman.com

_______________________________________________
xorg mailing list
xorg at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/xorg


-- 
  _
(\o/) Chad 'v3rt1g0' Kittel <v3rt1g0 at lunar-linux.org>
 /_\  Milwaukee, WI (USA)
"...staring up at heaven from the bottom of a glass" - Savatage
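The bug class the forwarded advisory describes, a pixmap size derived from client-supplied dimensions without range checks so that later read/write functions address memory outside the allocation, as an added example in C. This is constructed illustration, not the X server's code and not the referenced patch. It assumes X-style scanlines padded to 32-bit words, 16-bit protocol width and height, a 32-bit size computation in the unchecked version, the usual X bits-per-pixel values, and an arbitrary 256 MiB cap on a single pixmap; all of these are illustrative choices, not details taken from the advisory.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed illustration of the advisory's bug class, not X server code:
 * a pixmap's byte size is derived from client-supplied width, height and
 * bits-per-pixel. Without range checks the 32-bit product wraps, the
 * allocation is far too small, and later pixel accesses leave it.
 *
 * Assumptions (illustrative, not from the advisory): scanlines padded to
 * 32-bit words as X does, 16-bit protocol width/height, bpp drawn from the
 * usual X set, and an arbitrary 256 MiB cap on a single pixmap.
 */

#define SCANLINE_PAD_BITS 32ull
#define MAX_PIXMAP_BYTES  (256ull * 1024 * 1024)   /* assumed cap */

/* Bytes per padded scanline; 64-bit so this step itself cannot wrap. */
static uint64_t padded_stride(uint64_t width, uint64_t bpp)
{
    uint64_t bits = width * bpp;
    return ((bits + SCANLINE_PAD_BITS - 1) / SCANLINE_PAD_BITS) * (SCANLINE_PAD_BITS / 8);
}

/* Vulnerable form: 32-bit multiply with no bound; wraps modulo 2^32. */
uint32_t unchecked_pixmap_bytes(uint16_t width, uint16_t height, uint8_t bpp)
{
    uint32_t stride = (uint32_t)padded_stride(width, bpp);
    return stride * (uint32_t)height;
}

/* Hardened form: validates bpp, rejects empty pixmaps, computes the size in
 * 64 bits (at most 65535 * 262140, which cannot wrap) and enforces the cap.
 * Returns the byte count, or -1 if the request must be refused. */
long long checked_pixmap_bytes(uint16_t width, uint16_t height, uint8_t bpp)
{
    switch (bpp) {
    case 1: case 4: case 8: case 16: case 24: case 32: break;
    default: return -1;                       /* unsupported pixel size */
    }
    if (width == 0 || height == 0)
        return -1;
    uint64_t bytes = padded_stride(width, bpp) * height;
    if (bytes > MAX_PIXMAP_BYTES)
        return -1;                            /* would exceed the cap */
    return (long long)bytes;
}

/* Byte offset of pixel (x, y) inside an allocation of alloc_bytes, or -1 if
 * the pixel lies outside it: the check the read/write path has to make. */
long long pixel_offset(uint16_t width, uint8_t bpp, uint16_t x, uint16_t y,
                       uint64_t alloc_bytes)
{
    if (x >= width)
        return -1;
    uint64_t off = (uint64_t)y * padded_stride(width, bpp) + ((uint64_t)x * bpp) / 8;
    uint64_t pixel_bytes = ((uint64_t)bpp + 7) / 8;
    if (off + pixel_bytes > alloc_bytes)
        return -1;
    return (long long)off;
}

int main(void)
{
    /* 32768 x 32769 at 32 bpp needs 4,295,098,368 bytes, just past 2^32,
     * so the unchecked computation yields only 131072 bytes. */
    uint32_t bad = unchecked_pixmap_bytes(32768, 32769, 32);
    printf("unchecked size: %u bytes (wrapped)\n", bad);
    printf("pixel (0,1) offset against that allocation: %lld\n",
           pixel_offset(32768, 32, 0, 1, bad));
    printf("checked size for the same request: %lld\n",
           checked_pixmap_bytes(32768, 32769, 32));
    printf("checked size for 640x480x32: %lld\n",
           checked_pixmap_bytes(640, 480, 32));
    return 0;
}
```

With the wrapped size, the second scanline of the pixmap already lies past the end of the allocation, which is exactly the condition under which the advisory's "subsequent pixmap read/write functions" reach memory they should not. The hardened form refuses the request before anything is allocated; the bound on the total size matters as much as the per-field checks, because each field can be individually plausible while their product is not.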

