A malicious X client can access the X server's memory by exploiting a missing range check in the function XCreatePixmap(). This bug can probably be used to execute arbitrary code with the privileges of the X server (root).
There is no known workaround.
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.0 | i586 | xfree86-server | < 4.3.0.1-60 | XFree86-server-4.3.0.1-60.i586.rpm |
openSUSE | 9.0 | x86_64 | xfree86-server | < 4.3.0.1-60 | XFree86-server-4.3.0.1-60.x86_64.rpm |
openSUSE | 9.2 | x86_64 | xorg-x11-server | < 6.8.1-15.9 | xorg-x11-server-6.8.1-15.9.x86_64.rpm |
openSUSE | 9.1 | x86_64 | xfree86-server | < 4.3.99.902-43.50.3 | XFree86-server-4.3.99.902-43.50.3.x86_64.rpm |
openSUSE | 9.2 | i586 | xorg-x11-server | < 6.8.1-15.9 | xorg-x11-server-6.8.1-15.9.i586.rpm |
openSUSE | 9.1 | i586 | xfree86-server | < 4.3.99.902-43.50.3 | XFree86-server-4.3.99.902-43.50.3.i586.rpm |
openSUSE | 9.3 | i586 | xorg-x11-server | < 6.8.2-30.4 | xorg-x11-server-6.8.2-30.4.i586.rpm |
openSUSE | 9.3 | x86_64 | xorg-x11-server | < 6.8.2-30.4 | xorg-x11-server-6.8.2-30.4.x86_64.rpm |