Advisories ยป MGASA-2013-0317

Updated x11-server packages fix CVE-2013-4396

Publication date: 25 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4396

Description

Updated x11-server packages fix security vulnerability:

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in
the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated
users to cause a denial of service (daemon crash) or possibly execute arbitrary
code via a crafted ImageText request that triggers memory-allocation failure
(CVE-2013-4396).
                

References

SRPMS

2/core

3/core