X.Org · X.Org Server · CVE-2006-1526
Name of the Vulnerable Software and Affected Versions:
X.org X server versions 6.8.0 up to 6.8.2-r6
Description:
The issue is related to a buffer overflow in the X render (Xrender) extension, which can cause a denial of service (crash). This can be triggered by specific requests, such as `XRenderCompositeTriStrip` and `XRenderCompositeTriFan`, due to an incorrect memory allocation caused by a typo in an expression. The typo involves using a "&" operator instead of a "*" operator.
Recommendations:
For X.org X server versions 6.8.0 up to 6.8.2-r6, update to version 6.8.2-r7 or later to resolve the issue.
At the moment, there is no information about additional mitigation measures for this specific vulnerability.