Keith Packard

**Name of the Vulnerable Software and Affected Versions** X.Org Server versions prior to 1.19.4 **Description** A local attacker authenticated to the X server can overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. **Recommendations** For versions prior to 1.19.4, update to version 1.19.4 or later to resolve the issue. As a temporary workaround, consider restricting access to xkbcomp to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** XFree86-twm versions 4.1.0 through 4.3.0 XFree86-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-sdk version 4.3.0 XFree86-doc versions 4.1.0 through 4.3.0 XFree86-devel versions 4.1.0 through 4.3.0 XFree86-font-utils version 4.3.0 XFree86-xf86cfg versions 4.1.0 XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0 xorg-x11-server-sdk version 1.1.1 xorg-x11-server-Xnest version 1.1.1 xorg-x11-server-Xdmx version 1.1.1 xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xvfb version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 xorg-x11-server-randr-source version 1.1.1 XFree86-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-libs versions 4.1.0 through 4.3.0 XFree86-libs-data version 4.3.0 XFree86-xdm versions 4.1.0 through 4.3.0 XFree86-xfs versions 4.1.0 through 4.3.0 XFree86-Xvfb versions 4.1.0 through 4.3.0 XFree86-truetype-fonts version 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-syriac-fonts version 4.3.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-tools versions 4.1.0 through 4.3.0 **Description** The issue is related to multiple vulnerabilities in various XFree86 and xorg-x11-server packages, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities exist in the MIT-SHM extension in the X server, allowing context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. **Recommendations** For XFree86-twm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-sdk version 4.3.0, update to a version outside of this range. For XFree86-doc versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-devel versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-font-utils version 4.3.0, update to a version outside of this range. For XFree86-xf86cfg versions 4.1.0, update to a version outside of this range. For XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-x11-server-sdk version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xnest version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xdmx version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xorg version 1.1.1, update to a version outside of this range. For xorg-x11-server version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xvfb version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xephyr version 1.1.1, update to a version outside of this range. For xorg-x11-server-randr-source version 1.1.1, update to a version outside of this range. For XFree86-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Mesa-libGL version 4.3.0, update to a version outside of this range. For XFree86-libs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-libs-data version 4.3.0, update to a version outside of this range. For XFree86-xdm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-xfs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Xvfb versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-truetype-fonts version 4.3.0, update to a version outside of this range. For XFree86-base-fonts version 4.3.0, update to a version outside of this range. For XFree86-syriac-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-tools versions 4.1.0 through 4.3.0, update to a version outside of this range.

**Name of the Vulnerable Software and Affected Versions** XFree86-doc versions 4.1.0 through 4.3.0 XFree86-twm versions 4.1.0 through 4.3.0 XFree86-Mesa-libGLU version 4.3.0 XFree86-devel versions 4.1.0 through 4.3.0 XFree86-font-utils version 4.3.0 XFree86-xf86cfg versions 4.1.0 XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0 xorg-x11-server-sdk version 1.1.1 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-xdm versions 4.1.0 through 4.3.0 XFree86-libs versions 4.1.0 through 4.3.0 XFree86-tools versions 4.1.0 through 4.3.0 XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0 xorg-server versions prior to 1.3.0.0-r6 XFree86-syriac-fonts version 4.3.0 xorg-x11-server-Xdmx version 1.1.1 XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0 xorg-x11-server-Xnest version 1.1.1 XFree86-75dpi-fonts versions 4.1.0 through 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-ISO8859-15-100dpi-fonts version 4.1.0 xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-devel version 4.1.0 xorg-x11-Xvnc XFree86-ISO8859-9-100dpi-fonts version 4.1.0 XFree86-xfs versions 4.1.0 through 4.3.0 XFree86-Xvfb versions 4.1.0 through 4.3.0 xorg-x11-server-randr-source version 1.1.1 XFree86-4.1.0 XFree86-4.3.0 XFree86-ISO8859-2-75dpi-fonts version 4.3.0 XFree86-libs-data version 4.3.0 XFree86-ISO8859-14-100dpi-fonts version 4.3.0 XFree86-ISO8859-9-75dpi-fonts version 4.1.0 XFree86-Xnest versions 4.1.0 through 4.3.0 XFree86-sdk version 4.3.0 XFree86-100dpi-fonts versions 4.1.0 through 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-ISO8859-2-100dpi-fonts version 4.1.0 XFree86-truetype-fonts version 4.3.0 **Description** The issue is related to multiple vulnerabilities in various XFree86 and xorg-x11 packages, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities are caused by an integer overflow in the AllocateGlyph function in the Render extension in the X server, allowing context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, triggering a heap-based buffer overflow. **Recommendations** For XFree86-doc versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-twm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Mesa-libGLU version 4.3.0, update to a version outside of this range. For XFree86-devel versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-font-utils version 4.3.0, update to a version outside of this range. For XFree86-xf86cfg versions 4.1.0, update to a version outside of this range. For XFree86-ISO8859-9-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-cyrillic-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-x11-server-sdk version 1.1.1, update to a version outside of this range. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-9-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-xdm versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-libs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-tools versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-server versions prior to 1.3.0.0-r6, update to version 1.3.0.0-r6 or later. For XFree86-syriac-fonts version 4.3.0, update to a version outside of this range. For xorg-x11-server-Xdmx version 1.1.1, update to a version outside of this range. For XFree86-ISO8859-15-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-x11-server-Xnest version 1.1.1, update to a version outside of this range. For XFree86-75dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-base-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-15-100dpi-fonts version 4.1.0, update to a version outside of this range. For xorg-x11-server-Xorg version 1.1.1, update to a version outside of this range. For xorg-x11-server version 1.1.1, update to a version outside of this range. For xorg-x11-server-Xephyr version 1.1.1, update to a version outside of this range. For XFree86-ISO8859-2-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-devel version 4.1.0, update to a version outside of this range. For xorg-x11-Xvnc, update to a version outside of this range. For XFree86-ISO8859-9-100dpi-fonts version 4.1.0, update to a version outside of this range. For XFree86-xfs versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Xvfb versions 4.1.0 through 4.3.0, update to a version outside of this range. For xorg-x11-server-randr-source version 1.1.1, update to a version outside of this range. For XFree86-4.1.0, update to a version outside of this range. For XFree86-4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-75dpi-fonts version 4.3.0, update to a version outside of this range. For XFree86-libs-data version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-14-100dpi-fonts version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-9-75dpi-fonts version 4.1.0, update to a version outside of this range. For XFree86-Xnest versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-sdk version 4.3.0, update to a version outside of this range. For XFree86-100dpi-fonts versions 4.1.0 through 4.3.0, update to a version outside of this range. For XFree86-Mesa-libGL version 4.3.0, update to a version outside of this range. For XFree86-ISO8859-2-100dpi-fonts version 4.1.0, update to a version outside of this range. For XFree86-truetype-fonts version 4.3.0, update to a version outside of this range.

**Name of the Vulnerable Software and Affected Versions** XFree86-twm version 4.3.0 XFree86-devel version 4.3.0 XFree86-font-utils version 4.3.0 XFree86-ISO8859-9-75dpi-fonts version 4.3.0 XFree86-cyrillic-fonts version 4.3.0 xorg-x11-server-sdk version 1.1.1 XFree86-ISO8859-9-100dpi-fonts version 4.3.0 XFree86-ISO8859-14-75dpi-fonts version 4.3.0 XFree86-libs version 4.3.0 XFree86-tools version 4.3.0 xorg-x11-server-Xnest version 1.1.1 xorg-server versions prior to 1.3.0.0-r6 XFree86-syriac-fonts version 4.3.0 xorg-x11-server-Xdmx version 1.1.1 XFree86-75dpi-fonts version 4.3.0 XFree86-ISO8859-15-100dpi-fonts version 4.3.0 XFree86-base-fonts version 4.3.0 XFree86-doc version 4.3.0 XFree86-ISO8859-15-75dpi-fonts version 4.3.0 XFree86-xauth version 4.3.0 xorg-x11-Xvfb xorg-x11-server-Xorg version 1.1.1 xorg-x11-server version 1.1.1 xorg-x11-server-Xephyr version 1.1.1 XFree86-ISO8859-2-100dpi-fonts version 4.3.0 xorg-x11-Xvnc XFree86-xdm version 4.3.0 xorg-x11-server-Xvfb version 1.1.1 xorg-x11-server XFree86-xfs version 4.3.0 xorg-x11-server-randr-source version 1.1.1 XFree86-Xvfb version 4.3.0 XFree86-Mesa-libGL version 4.3.0 XFree86-libs-data version 4.3.0 XFree86-ISO8859-2-75dpi-fonts version 4.3.0 XFree86-ISO8859-14-100dpi-fonts version 4.3.0 XFree86 version 4.3.0 XFree86-Xnest version 4.3.0 XFree86-Mesa-libGLU version 4.3.0 XFree86-sdk version 4.3.0 **Description** The issue is related to multiple vulnerabilities in various packages of the XFree86 and xorg-x11-server software, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The vulnerabilities are caused by multiple integer overflows in the Render extension in the X server, which can allow context-dependent attackers to execute arbitrary code via specific requests with invalid fields. **Recommendations** For XFree86-twm version 4.3.0, update to a newer version. For XFree86-devel version 4.3.0, update to a newer version. For XFree86-font-utils version 4.3.0, update to a newer version. For XFree86-ISO8859-9-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-cyrillic-fonts version 4.3.0, update to a newer version. For xorg-x11-server-sdk version 1.1.1, update to a newer version. For XFree86-ISO8859-9-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-libs version 4.3.0, update to a newer version. For XFree86-tools version 4.3.0, update to a newer version. For xorg-x11-server-Xnest version 1.1.1, update to a newer version. For xorg-server versions prior to 1.3.0.0-r6, update to version 1.3.0.0-r6 or later. For XFree86-syriac-fonts version 4.3.0, update to a newer version. For xorg-x11-server-Xdmx version 1.1.1, update to a newer version. For XFree86-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-15-100dpi-fonts version 4.3.0, update to a newer version. For XFree86-base-fonts version 4.3.0, update to a newer version. For XFree86-doc version 4.3.0, update to a newer version. For XFree86-ISO8859-15-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-xauth version 4.3.0, update to a newer version. For xorg-x11-Xvfb, update to a newer version. For xorg-x11-server-Xorg version 1.1.1, update to a newer version. For xorg-x11-server version 1.1.1, update to a newer version. For xorg-x11-server-Xephyr version 1.1.1, update to a newer version. For XFree86-ISO8859-2-100dpi-fonts version 4.3.0, update to a newer version. For xorg-x11-Xvnc, update to a newer version. For XFree86-xdm version 4.3.0, update to a newer version. For xorg-x11-server-Xvfb version 1.1.1, update to a newer version. For xorg-x11-server, update to a newer version. For XFree86-xfs version 4.3.0, update to a newer version. For xorg-x11-server-randr-source version 1.1.1, update to a newer version. For XFree86-Xvfb version 4.3.0, update to a newer version. For XFree86-Mesa-libGL version 4.3.0, update to a newer version. For XFree86-libs-data version 4.3.0, update to a newer version. For XFree86-ISO8859-2-75dpi-fonts version 4.3.0, update to a newer version. For XFree86-ISO8859-14-100dpi-fonts version 4.3.0, update to a newer version. For XFree86 version 4.3.0, update to a newer version. For XFree86-Xnest version 4.3.0, update to a newer version. For XFree86-Mesa-libGLU version 4.3.0, update to a newer version. For XFree86-sdk version 4.3.0, update to a newer version.