SB2018100814 - Off-by-one error in libx11 (Alpine package)
Published: October 8, 2018
Security Bulletin ID
SB2018100814
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Off-by-one error (CVE-ID: CVE-2018-14599)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one memory write error in the XGetFontPath(), XListExtensions(), and XListFonts() functions. A remote unauthenticated attacker can cause a remote X server to return a specially crafted response to trigger memory corruption and execute arbitrary code on the target X client.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=ed32bc3bc0848f7aa57c0f0533d62ba6ef086ceb
- https://git.alpinelinux.org/aports/commit/?id=96b4ffd87fea35a16d73bdf288b2dcbe5d15bc82
- https://git.alpinelinux.org/aports/commit/?id=bcd0f76d147745372d23b1840ff44b000c95bd81
- https://git.alpinelinux.org/aports/commit/?id=d7c441ba3f0fdfc555c09ca51f315ba46459eaa4
- https://git.alpinelinux.org/aports/commit/?id=e9064e9114d515f0f789828a1b8c7390c135f541
- https://git.alpinelinux.org/aports/commit/?id=f673b89cd43dc3fe12a443558e82318ed03fb6ef