RedHat Update For LibXfont RHSA-2011:1154-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2011-2895) Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

Affected

libXfont on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2011-August/msg00007.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2895
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0377
RedHat Security Advisory RHSA-2009:0331
RedHat Security Advisory RHSA-2009:0014
RedHat Security Advisory RHSA-2009:1038
RedHat Security Advisory RHSA-2009:0332

RedHat Update for libXfont RHSA-2011:1154-01

Take action and discover your vulnerabilities