X.Org security advisory: multiple vulnerabilities in the X server
Julien Cristau
jcristau at debian.org
Fri Jan 18 05:49:26 PST 2008
On Thu, Jan 17, 2008 at 15:05:34 +0100, Matthieu Herrb wrote:
> * CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows
>
> The MIT-SHM extension vulnerability exists in the code responsible
> for creating a pixmap in shared memory. When allocating the pixmap,
> the server uses values from the request to verify that the requested
> size is not greater than the allocated shared memory. The calculation
> can overflow, which leads to the overwriting of arbitrary addresses in
> memory that aren't part of the shared memory segment.
>
Hi,
the patch for this bug seems to cause regressions; see for instance:
- https://launchpad.net/bugs/183969
- http://bugs.debian.org/461410
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.x.org/archives/xorg/attachments/20080118/35694b9b/attachment.pgp>
More information about the xorg
mailing list