ALAS-2014-404


Amazon Linux AMI Security Advisory: ALAS-2014-404
Advisory Release Date: 2014-09-19 12:02 Pacific
Severity: Medium

Issue Overview:

Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.

Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.


Affected Packages:

libXfont


Issue Correction:
Run yum update libXfont to update your system.

New Packages:
i686:
    libXfont-1.4.5-3.9.amzn1.i686
    libXfont-devel-1.4.5-3.9.amzn1.i686
    libXfont-debuginfo-1.4.5-3.9.amzn1.i686

src:
    libXfont-1.4.5-3.9.amzn1.src

x86_64:
    libXfont-1.4.5-3.9.amzn1.x86_64
    libXfont-debuginfo-1.4.5-3.9.amzn1.x86_64
    libXfont-devel-1.4.5-3.9.amzn1.x86_64