Home page logo

oss-sec logo oss-sec mailing list archives

CVE request: Xorg input device format string flaw
From: Kees Cook <keescook () chromium org>
Date: Wed, 18 Apr 2012 12:28:11 -0700


Adding an input device with a malicious name can trigger a format
string flaw in Xorg's logging subsystem. For builds of Xorg lacking
-D_FORTIFY_SOURCE=2 (or 32-bit systems lacking the fix to fortify[1])
this can lead to arbitrary code execution as the Xorg user, usually
root. When built with fortify, this is a denial of service, since Xorg
will abort.

Proposed solution patch series can be found here:
    1/4 http://patchwork.freedesktop.org/patch/10000/
    2/4 http://patchwork.freedesktop.org/patch/9998/
    3/4 http://patchwork.freedesktop.org/patch/9999/
    4/4 http://patchwork.freedesktop.org/patch/10001/


[1] http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=7c1f4834d398163d1ac8101e35e9c36fc3176e6e

Kees Cook
Chrome OS Security

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]