what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Linux Security Advisory 1595-1

Debian Linux Security Advisory 1595-1
Posted Jun 13, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1595-1 - Lack of validation of the parameters of the SProcSecurityGenerateAuthorization SProcRecordCreateContext functions makes it possible for a specially crafted request to trigger the swapping of bytes outside the parameter of these requests, causing memory corruption. An integer overflow in the validation of the parameters of the ShmPutImage() request makes it possible to trigger the copy of arbitrary server memory to a pixmap that can subsequently be read by the client, to read arbitrary parts of the X server memory space. An integer overflow may occur in the computation of the size of the glyph to be allocated by the AllocateGlyph() function which will cause less memory to be allocated than expected, leading to later heap overflow. An integer overflow may occur in the computation of the size of the glyph to be allocated by the ProcRenderCreateCursor() function which will cause less memory to be allocated than expected, leading later to dereferencing un-mapped memory, causing a crash of the X server. Integer overflows can also occur in the code validating the parameters for the SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient and SProcRenderCreateConicalGradient functions, leading to memory corruption by swapping bytes outside of the intended request parameters.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362
SHA-256 | 8bb80d9e191b414bb1fc52ae160f8716e0f93880b309bf094fa85c41663b059f

Debian Linux Security Advisory 1595-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1595-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
June 11, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : xorg-server
Vulnerability : several
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1377 CVE-2008-1379 CVE-2008-2360 CVE-2008-2361
CVE-2008-2362

Several local vulnerabilities have been discovered in the X Window system.
The Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-1377

Lack of validation of the parameters of the
SProcSecurityGenerateAuthorization SProcRecordCreateContext
functions makes it possible for a specially crafted request to trigger
the swapping of bytes outside the parameter of these requests, causing
memory corruption.

CVE-2008-1379

An integer overflow in the validation of the parameters of the
ShmPutImage() request makes it possible to trigger the copy of
arbitrary server memory to a pixmap that can subsequently be read by
the client, to read arbitrary parts of the X server memory space.

CVE-2008-2360

An integer overflow may occur in the computation of the size of the
glyph to be allocated by the AllocateGlyph() function which will cause
less memory to be allocated than expected, leading to later heap
overflow.

CVE-2008-2361

An integer overflow may occur in the computation of the size of the
glyph to be allocated by the ProcRenderCreateCursor() function which
will cause less memory to be allocated than expected, leading later
to dereferencing un-mapped memory, causing a crash of the X server.

CVE-2008-2362

Integer overflows can also occur in the code validating the parameters
for the SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient
and SProcRenderCreateConicalGradient functions, leading to memory
corruption by swapping bytes outside of the intended request
parameters.

For the stable distribution (etch), these problems have been fixed in version
2:1.1.1-21etch5.

For the unstable distribution (sid), these problems have been fixed in
version 2:1.4.1~git20080517-2.

We recommend that you upgrade your xorg-server package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz
Size/MD5 checksum: 8388609 15852049050e49f380f953d8715500b9
http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1-21etch5.diff.gz
Size/MD5 checksum: 632764 c982d4e00ede14d7627297a457d0320b
http://security.debian.org/pool/updates/main/x/xorg-server/xorg-server_1.1.1-21etch5.dsc
Size/MD5 checksum: 2024 fc534ccff948c702a4ef0cf531deaccf

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 353656 2706862a69138ee94fcbb31211e0c4a5
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 4455548 ff3a26b71c5e317258df73baa97ab7e2
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 1030886 44ff2d44fcfaf0473e7bdc43180f0beb
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 1767104 79c0289e2d897f6173240887459a6bd4
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 1930704 c6ef24273a6f88b77088e2cd8cd8db1e
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 140478 286561a4926171499be367df85bc7146
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_alpha.deb
Size/MD5 checksum: 1964526 22a6658d46f631e0a60c618dd4fb723d

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 134018 08d9419fdbff4f1e163122fa5112e336
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 1654086 37abd310608a1204a95e90878fd0e1d1
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 859948 37099efb5371cb17f6689e3c90dd0038
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 1472576 c0e587f113cc6fd656587ed08959bff2
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 1622812 ccb434f8e7dc1908c61652f71a4512cd
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 350956 5cf742aa111b5e006d015e85bb7afdfb
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_amd64.deb
Size/MD5 checksum: 3919134 e1befedf8342c06a50ea3dd84ac5da5f

arm architecture (ARM)

http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 125572 4f0f268985c0596e0f5b059459308abd
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 3778010 e716984d0990375c62a0d5a4a5cbabc0
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 352298 462cb5ee2ccfb0d220a94413b4fa0e77
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 1446028 cd0fca4306ea72641d82bcf8751fc418
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 1598864 db43f26ed6a6f1b3125e0af7920b3f89
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 854518 16a33b692e5ca981e6a7e71a15e650bb
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_arm.deb
Size/MD5 checksum: 1622894 0c2289bee8b093b0f9c3328faebcb02e

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 1822068 48fe44f3fdf125336657a8c1b019daf8
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 1662618 64d8f779fcce4a61b1556a5f13669204
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 4400602 0f72c68314ef61163178688104e2cf8d
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 353908 5ffc6917aff7513248e4042617197871
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 910136 59828e23227be68ea9553b2cf71328e9
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 1854792 9b60b9f61b0481817166b94c261c6c44
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_hppa.deb
Size/MD5 checksum: 134908 649b2e1b4d1f2349305d1a8345bc2b4a

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 1388494 2d75e017e06d12fef00abd3516b19aa1
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 808458 f243812b25df4f648a428fbe0e53f387
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 1538312 cd554920bc9601c748383d64bd4072ac
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 121818 ed0f888cfc27db61a3e8f723b93ad1bb
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 345606 72c2acb632d6c86fdcd2b05759747ec8
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 3655134 44748e455c0430134e2b81704276ab64
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_i386.deb
Size/MD5 checksum: 1563522 a68b5bb2ded4aaeb38af7bb1d069eaa1

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 2496678 f696eadca3cc5646d5c5cfa3d45f737e
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 2448490 5e86a9c9f46fdae3d838df88a6a08f29
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 5491656 0778e3c6a23cd6190f789b5b790526ed
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 2220690 6e88b371e6de346a26a5b157601e13f3
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 161788 cd678648723e9cab464144dab81f7b3d
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 1306936 ff26354f105c0b08424588b5dd44023a
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_ia64.deb
Size/MD5 checksum: 345528 aab6138fba10180d29e2a849aa5d1d11

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 137652 cbaf8796e7f4db0dc869ff9607caa230
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 3842442 38aa5e3b6cf0ed22f0322d7acad35d10
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 1682974 0a04a328ea52ac64d6d3b35b4aafc2d6
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 1537288 9d0cf23ee7ef9ebb25467e1ec15659e2
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 1714678 a7dc64ea9d8ea2b4c88075235f2c465d
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 862590 dae745db6339d6b3ee874f9cf5991d7c
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_mips.deb
Size/MD5 checksum: 353814 3a0181d7c775dce97018d5457c75bf33

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 134954 f61f2419ef8fad397243d7efc638db98
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 345558 f5ba2c73c9a1ed528b7ff1ba173f0114
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 1528702 5d453afbb299c865d1c75daf8eb2bf64
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 1674800 6324ac98164b8a9afa527149494ea044
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 1709264 6a837175dff2a568b8bc81007038c1eb
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 3710732 b554e87fb4100c6495853da0b09df739
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_mipsel.deb
Size/MD5 checksum: 862620 b1cf7114eda921f92e0c49a2ec081682

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 842676 0db68c7ca974d3e136f296d8651efb07
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 3983816 8a1b74966c423a5c473997a46abb55c1
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 1612710 57561a7d212cadb23fe56e4e663d3274
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 1448654 2fba5a0781f499ffed19e04f8d0ebb21
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 1587794 c4054528cfcc1d159769002064633724
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 345594 68d046b496080fb1bf02f874b76a47c0
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_powerpc.deb
Size/MD5 checksum: 136982 f9736a4fe2dc18a6b48e64c08012204a

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 4132622 f4a24c252b0c631f9f167b17ccaee281
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 1740820 dc93f80715edf4824e0ab9132f2cec4c
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 1566750 f62c4b61e2bdc5a04c4a5365af064313
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 130744 b5c7f27981f36b56d6a5c640514f3ee6
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 345526 048f84d8a5e196fedff3c96dcecfcedd
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 885218 bdd1fda7f1340585fd9884ace64f12c2
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_s390.deb
Size/MD5 checksum: 1709994 54fd0c7a4ccaf8c739d77d1b4a2af64f

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 346026 fa0865d3f1c20f78a8c7f8cf862a19c2
http://security.debian.org/pool/updates/main/x/xorg-server/xvfb_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 1524636 f1173aaf52f47a537cdf0d101d59118b
http://security.debian.org/pool/updates/main/x/xorg-server/xnest_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 1392106 616401ab84a3aacfc160a1778905db3e
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xephyr_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 1548902 df4d826882bc583849c18f956986f12b
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx-tools_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 120070 20a1f9d22a7c91443e24a903e34c89ae
http://security.debian.org/pool/updates/main/x/xorg-server/xdmx_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 779658 fbe53553bbb53dabb36bdaabce4dfc17
http://security.debian.org/pool/updates/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch5_sparc.deb
Size/MD5 checksum: 3697696 266f42a55e01cca9a1cae85eaf35e67e


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSFBOHGz0hbPcukPfAQJOYQf/dTbzupXOVGtdzV8ofJKi6l0JWtAL2/xW
VaiKK0doyoV1mPP97CUxOBEDYXR0/o7dxsfFrDFjXZL+6qOhEWazkwUVcHmPaTiV
nYLVVtQuOO8bpFOXodvrOIQuLhPqKbSUX5gdVep5ap2eR5rf6zcmVke05ViZ9Ih1
Fzj1Pvm2/HO0+cSUSxqHn9ckZo0ncEzxjT2QJMFyJzKgipSAbsjwZCdIQGk0VYQX
M15pfaUu0S7UkVV302NeDBoa/CkyPJzaP4or+6sNaxLhy2P+5jFwS4+JH6oKxzmj
RxMMSbwtXYuURL8x083u/2jnL828Nm4hS9/bl8ITQq9F6xrL5Sy0sQ==
=H/AA
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close