USN-182-1: X server vulnerability

Ubuntu Security Notice USN-182-1

12th September, 2005

xorg, xfree86 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Details

A local privilege escalation vulnerability has been discovered in the
pixmap allocation handling of the X server. By allocating a huge
pixmap, a local user could trigger an integer overflow that resulted
in a memory allocation that was too small for the requested pixmap.
This resulted in a buffer overflow which could eventually be exploited
to execute arbitrary code with full root privileges.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 5.04:
xserver-xorg
xserver-xfree86
Ubuntu 4.10:
xserver-xorg
xserver-xfree86

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

None

References

CVE-2005-2495