XFree86 is an open-source X Window System implementation that acts as a client-server-based API between different hardware components like display, mouse, keyboard and so on. Several buffer overflows were found in the fontfile code that handles a user-supplied “fonts.alias” file. The file is processed with root privileges and therefore a successful exploitation of these bugs leads to local root access.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 8.1 | i586 | xf86 | < 4.2.0-257 | xf86-4.2.0-257.i586.rpm |
openSUSE | 9.0 | i586 | xfree86 | < 4.3.0.1-46 | XFree86-4.3.0.1-46.i586.rpm |
openSUSE | 8.2 | i586 | xfree86 | < 4.3.0-120 | XFree86-4.3.0-120.i586.rpm |
openSUSE | 8.0 | i386 | xf86 | < 4.2.0-257 | xf86-4.2.0-257.i386.rpm |
openSUSE | 9.0 | x86_64 | xfree86 | < 4.3.0.1-52 | XFree86-4.3.0.1-52.x86_64.rpm |