aru Posted September 14, 2005 Report Share Posted September 14, 2005 Mandriva Security Advisories MDKSA-2005:164 : XFree86 Updated XFree86/x.org packages fix vulnerability September 13th, 2005 A vulnerability was discovered in the pixmap allocation handling of the X server that can lead to local privilege escalation.By allocating a huge pixmap, a local user could trigger an integer overflow that resulted in a memory allocation that was too small for the requested pixmap, leading to a buffer overflow which could then be exploited to execute arbitrary code with full root privileges. The updated packages have been patched to address these issues. The released versions of Mandriva GNU/Linux affected are: 10.0 10.1 CS2.1 CS3.0 10.2 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:164 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts