X.Org libX11 security advisory: August 25, 2020
matthieu at herrb.eu
Tue Aug 25 15:18:33 UTC 2020
Double free in libX11 locale handling code
There is an integer overflow and a double free vulnerability in the way
libX11 handles locales. The integer overflow is a necessary precursor to
the double free.
A patch for this issue has been committed to the libX11 git repository.
libX11 1.6.12 will be released shortly and will include this patch.
commit acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d (HEAD -> master)
Fix an integer overflow in init_om()
This can lead to a double free later, as reported by Jayden Rivers.
X.Org thanks Jayden Rivers for reporting this issue to our security
team and for assisting them in understanding it and providing fixes.