PT-2007-7527 · X.Org+2 · Xorg-X11-Mesa-Devel-Static+9

Published: 1970-01-01 · Updated: 2020-11-20 · CVE-2007-4990

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

xfs versions prior to 1.0.5
xorg-x11-Mesa-devel (affected versions not specified)
xorg-x11-Mesa-devel-32bit (affected versions not specified)
xorg-x11-Mesa (affected versions not specified)
xorg-x11-Mesa-32bit (affected versions not specified)
xorg-x11-driver-options (affected versions not specified)
xorg-x11-Xprt (affected versions not specified)
xorg-x11-Mesa-devel-static (affected versions not specified)

Description

The issue involves multiple vulnerabilities in various packages of the xorg-x11 and xfs software that can compromise the confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely. Specifically, the swap_char2b function in X.Org X Font Server (xfs) before version 1.0.5 allows context-dependent attackers to execute arbitrary code via crafted size values in QueryXBitmaps and QueryXExtents protocol requests, triggering heap corruption.

Recommendations

For xfs versions prior to 1.0.5, update to version 1.0.5 or later.
For xorg-x11-Mesa-devel, consider disabling vulnerable functions until a patch is available.
For xorg-x11-Mesa-devel-32bit, restrict access to vulnerable modules to minimize the risk of exploitation.
For xorg-x11-Mesa, avoid using vulnerable parameters in affected API endpoints until the issue is resolved.
For xorg-x11-Mesa-32bit, consider temporarily disabling the use of vulnerable components as a quick mitigation measure.
For xorg-x11-driver-options, restrict access to vulnerable modules to minimize the risk of exploitation.
For xorg-x11-Xprt, consider disabling vulnerable functions until a patch is available.
For xorg-x11-Mesa-devel-static, avoid using vulnerable parameters in affected API endpoints until the issue is resolved.

At the moment, there is no information about a newer version that contains a fix for this vulnerability for some of the affected software.

Fix

Buffer Overflow

Link Following

Weakness Enumeration

Related Identifiers

BDU:2015-04622
BDU:2015-04623
BDU:2015-04624
BDU:2015-04625
BDU:2015-04626
BDU:2015-04627
BDU:2015-04978
BDU:2015-04979
BDU:2015-04980
BDU:2015-04981
BDU:2015-04982
BDU:2015-04983
BDU:2015-04984
BDU:2015-09581
CVE-2007-4990
DSA-1385-1
HPSBUX02303
RHSA-2008:0029
RHSA-2008:0030
RHSA-2008_0030

Affected Products

Hp-Ux
Red Hat
Xfs
Xorg-X11-Mesa
Xorg-X11-Mesa-32Bit
Xorg-X11-Mesa-Devel
Xorg-X11-Mesa-Devel-32Bit
Xorg-X11-Mesa-Devel-Static
Xorg-X11-Xprt
Xorg-X11-Driver-Options