ALAS-2014-452


Amazon Linux AMI Security Advisory: ALAS-2014-452
Advisory Release Date: 2014-11-24 15:22 Pacific
Severity: Medium

Issue Overview:

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system. (CVE-2013-1981 , CVE-2013-1982 , CVE-2013-1983 , CVE-2013-1984 , CVE-2013-1985 , CVE-2013-1986 , CVE-2013-1987 , CVE-2013-1988 , CVE-2013-1989 , CVE-2013-1990 , CVE-2013-1991 , CVE-2013-2003 , CVE-2013-2062 , CVE-2013-2064 )

Multiple array index errors, leading to heap-based buffer out-of-bounds write flaws, were found in the way various X11 client libraries handled data returned from an X11 server. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1997 , CVE-2013-1998 , CVE-2013-1999 , CVE-2013-2000 , CVE-2013-2001 , CVE-2013-2002 , CVE-2013-2066 )

A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1995 )

A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-2005 )

Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. (CVE-2013-2004 )


Affected Packages:

libX11,libXcursor,libXfixes,libXi,libXrandr,libXrender,libXres,libXt,libXv,libXvMC,libXxf86dga,libXxf86vm,libdmx,xorg-x11-proto-devel


Issue Correction:
Run yum update libX11 libXcursor libXfixes libXi libXrandr libXrender libXres libXt libXv libXvMC libXxf86dga libXxf86vm libdmx xorg-x11-proto-devel to update your system.

New Packages:
i686:
    libX11-debuginfo-1.6.0-2.2.12.amzn1.i686
    libX11-1.6.0-2.2.12.amzn1.i686
    libX11-common-1.6.0-2.2.12.amzn1.i686
    libX11-devel-1.6.0-2.2.12.amzn1.i686
    libXcursor-debuginfo-1.1.14-2.1.9.amzn1.i686
    libXcursor-1.1.14-2.1.9.amzn1.i686
    libXcursor-devel-1.1.14-2.1.9.amzn1.i686
    libXfixes-5.0.1-2.1.8.amzn1.i686
    libXfixes-debuginfo-5.0.1-2.1.8.amzn1.i686
    libXfixes-devel-5.0.1-2.1.8.amzn1.i686
    libXrandr-debuginfo-1.4.1-2.1.8.amzn1.i686
    libXrandr-1.4.1-2.1.8.amzn1.i686
    libXrandr-devel-1.4.1-2.1.8.amzn1.i686
    libXrender-0.9.8-2.1.9.amzn1.i686
    libXrender-debuginfo-0.9.8-2.1.9.amzn1.i686
    libXrender-devel-0.9.8-2.1.9.amzn1.i686
    libXres-debuginfo-1.0.7-2.1.8.amzn1.i686
    libXres-1.0.7-2.1.8.amzn1.i686
    libXres-devel-1.0.7-2.1.8.amzn1.i686
    libXt-devel-1.1.4-6.1.9.amzn1.i686
    libXt-debuginfo-1.1.4-6.1.9.amzn1.i686
    libXt-1.1.4-6.1.9.amzn1.i686
    libXv-devel-1.0.9-2.1.8.amzn1.i686
    libXv-debuginfo-1.0.9-2.1.8.amzn1.i686
    libXv-1.0.9-2.1.8.amzn1.i686
    libXvMC-1.0.8-2.1.8.amzn1.i686
    libXvMC-debuginfo-1.0.8-2.1.8.amzn1.i686
    libXvMC-devel-1.0.8-2.1.8.amzn1.i686
    libXi-1.7.2-2.2.9.amzn1.i686
    libXi-devel-1.7.2-2.2.9.amzn1.i686
    libXi-debuginfo-1.7.2-2.2.9.amzn1.i686
    libXxf86dga-1.1.4-2.1.8.amzn1.i686
    libXxf86dga-debuginfo-1.1.4-2.1.8.amzn1.i686
    libXxf86dga-devel-1.1.4-2.1.8.amzn1.i686
    libXxf86vm-devel-1.1.3-2.1.9.amzn1.i686
    libXxf86vm-debuginfo-1.1.3-2.1.9.amzn1.i686
    libXxf86vm-1.1.3-2.1.9.amzn1.i686
    libdmx-debuginfo-1.1.3-3.7.amzn1.i686
    libdmx-1.1.3-3.7.amzn1.i686
    libdmx-devel-1.1.3-3.7.amzn1.i686

noarch:
    xorg-x11-proto-devel-7.7-9.10.amzn1.noarch

src:
    libX11-1.6.0-2.2.12.amzn1.src
    libXcursor-1.1.14-2.1.9.amzn1.src
    libXfixes-5.0.1-2.1.8.amzn1.src
    libXrandr-1.4.1-2.1.8.amzn1.src
    xorg-x11-proto-devel-7.7-9.10.amzn1.src
    libXrender-0.9.8-2.1.9.amzn1.src
    libXres-1.0.7-2.1.8.amzn1.src
    libXt-1.1.4-6.1.9.amzn1.src
    libXv-1.0.9-2.1.8.amzn1.src
    libXvMC-1.0.8-2.1.8.amzn1.src
    libXi-1.7.2-2.2.9.amzn1.src
    libXxf86dga-1.1.4-2.1.8.amzn1.src
    libXxf86vm-1.1.3-2.1.9.amzn1.src
    libdmx-1.1.3-3.7.amzn1.src

x86_64:
    libX11-1.6.0-2.2.12.amzn1.x86_64
    libX11-devel-1.6.0-2.2.12.amzn1.x86_64
    libX11-common-1.6.0-2.2.12.amzn1.x86_64
    libX11-debuginfo-1.6.0-2.2.12.amzn1.x86_64
    libXcursor-debuginfo-1.1.14-2.1.9.amzn1.x86_64
    libXcursor-devel-1.1.14-2.1.9.amzn1.x86_64
    libXcursor-1.1.14-2.1.9.amzn1.x86_64
    libXfixes-devel-5.0.1-2.1.8.amzn1.x86_64
    libXfixes-debuginfo-5.0.1-2.1.8.amzn1.x86_64
    libXfixes-5.0.1-2.1.8.amzn1.x86_64
    libXrandr-devel-1.4.1-2.1.8.amzn1.x86_64
    libXrandr-debuginfo-1.4.1-2.1.8.amzn1.x86_64
    libXrandr-1.4.1-2.1.8.amzn1.x86_64
    libXrender-devel-0.9.8-2.1.9.amzn1.x86_64
    libXrender-0.9.8-2.1.9.amzn1.x86_64
    libXrender-debuginfo-0.9.8-2.1.9.amzn1.x86_64
    libXres-devel-1.0.7-2.1.8.amzn1.x86_64
    libXres-debuginfo-1.0.7-2.1.8.amzn1.x86_64
    libXres-1.0.7-2.1.8.amzn1.x86_64
    libXt-devel-1.1.4-6.1.9.amzn1.x86_64
    libXt-1.1.4-6.1.9.amzn1.x86_64
    libXt-debuginfo-1.1.4-6.1.9.amzn1.x86_64
    libXv-devel-1.0.9-2.1.8.amzn1.x86_64
    libXv-1.0.9-2.1.8.amzn1.x86_64
    libXv-debuginfo-1.0.9-2.1.8.amzn1.x86_64
    libXvMC-1.0.8-2.1.8.amzn1.x86_64
    libXvMC-debuginfo-1.0.8-2.1.8.amzn1.x86_64
    libXvMC-devel-1.0.8-2.1.8.amzn1.x86_64
    libXi-debuginfo-1.7.2-2.2.9.amzn1.x86_64
    libXi-1.7.2-2.2.9.amzn1.x86_64
    libXi-devel-1.7.2-2.2.9.amzn1.x86_64
    libXxf86dga-debuginfo-1.1.4-2.1.8.amzn1.x86_64
    libXxf86dga-devel-1.1.4-2.1.8.amzn1.x86_64
    libXxf86dga-1.1.4-2.1.8.amzn1.x86_64
    libXxf86vm-debuginfo-1.1.3-2.1.9.amzn1.x86_64
    libXxf86vm-devel-1.1.3-2.1.9.amzn1.x86_64
    libXxf86vm-1.1.3-2.1.9.amzn1.x86_64
    libdmx-debuginfo-1.1.3-3.7.amzn1.x86_64
    libdmx-1.1.3-3.7.amzn1.x86_64
    libdmx-devel-1.1.3-3.7.amzn1.x86_64