nx-X11/lib · 985ca320f841bd9a3efc484f92436b3d65ec1b31 · dimbor / nx-libs

CVE-2014-0210: unvalidated length fields in fs_read_list_info() from… · b65259bf

authored Feb 08, 2015

CVE-2014-0210: unvalidated length fields in fs_read_list_info() from xorg/lib/libXfont commit d338f81df1e188eb16e1d6aeea7f4800f89c1218

fs_read_list_info() parses a reply from the font server. The reply
contains a number of additional data items with embedded length or
count fields, none of which are validated. This can cause out of
bound reads when looping over these items in the reply.

b65259bf

Name	Last commit	Last update
..
GL		Loading commit data...
X11		Loading commit data...
XRes		Loading commit data...
Xau		Loading commit data...
Xcomposite		Loading commit data...
Xcursor		Loading commit data...
Xdamage		Loading commit data...
Xdmcp		Loading commit data...
Xext		Loading commit data...
Xfixes		Loading commit data...
Xinerama		Loading commit data...
Xpm		Loading commit data...
Xrandr		Loading commit data...
Xrender		Loading commit data...
Xtst		Loading commit data...
Xxf86dga		Loading commit data...
Xxf86misc		Loading commit data...
Xxf86rush		Loading commit data...
Xxf86vm		Loading commit data...
font		Loading commit data...
misc		Loading commit data...
oldX		Loading commit data...
xkbfile		Loading commit data...
xkbui		Loading commit data...
xtrans		Loading commit data...
Imakefile		Loading commit data...