ELSA-2015-0797 -- Oracle xorg-x11-serverID: oval:org.secpod.oval:def:1500982 | Date: (C)2015-04-14 (M)2022-10-10 |
Class: PATCH | Family: unix |
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A buffer over-read flaw was found in the way the X.Org server handled XkbGetGeometry requests. A malicious, authorized client could use this flaw to disclose portions of the X.Org server memory, or cause the X.Org server to crash using a specially crafted XkbGetGeometry request. This issue was discovered by Olivier Fourdan of Red Hat. All xorg-x11-server users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.