USN-182-1: X server vulnerability

12 September 2005

xorg, xfree86 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

A local privilege escalation vulnerability has been discovered in the pixmap allocation handling of the X server. By allocating a huge pixmap, a local user could trigger an integer overflow that resulted in a memory allocation that was too small for the requested pixmap. This resulted in a buffer overflow which could eventually be exploited to execute arbitrary code with full root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
xserver-xfree86
xserver-xorg
Ubuntu 4.10
xserver-xfree86
xserver-xorg

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References