FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont

Affected packages
libXfont < 1.4.7,1

Details

VuXML ID 28c575fa-784e-11e3-8249-001cc0380077
Discovery 2013-12-24
Entry 2014-01-08

freedesktop.org reports:

A BDF font file containing a longer than expected string can cause a buffer overflow on the stack. Testing in X servers built with Stack Protector resulted in an immediate crash when reading a user-provided specially crafted font.

As libXfont is used to read user-specified font files in all X servers distributed by X.Org, including the Xorg server which is often run with root privileges or as setuid-root in order to access hardware, this bug may lead to an unprivileged user acquiring root privileges in some systems.
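The class of bug described in the report, shown with a bounded parser as an added example; this is not libXfont code and not part of the freedesktop.org advisory. The entry does not name the affected field or buffer, so the `STARTCHAR` keyword, the 100-byte `GLYPH_NAME_SIZE` and the function name `parse_startchar` are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GLYPH_NAME_SIZE 100   /* assumed destination size, illustration only */

/* Unsafe pattern: "%s" carries no field width, so a token longer than the
 * destination is written past the end of the stack buffer:
 *     char name[GLYPH_NAME_SIZE];
 *     sscanf(line, "STARTCHAR %s", name);
 */

/* Parse "STARTCHAR <name>" into name[size].
 * Returns 0 on success, -1 if the keyword is missing, the name is empty,
 * or the name (plus terminator) would not fit in the destination. */
int parse_startchar(const char *line, char *name, size_t size)
{
    static const char kw[] = "STARTCHAR";
    size_t kwlen = sizeof(kw) - 1;
    size_t len;

    if (size == 0 || strncmp(line, kw, kwlen) != 0)
        return -1;
    line += kwlen;
    if (*line != ' ' && *line != '\t')     /* keyword must end here */
        return -1;
    line += strspn(line, " \t");           /* skip separator */
    len = strcspn(line, " \t\r\n");        /* token ends at whitespace */
    if (len == 0 || len >= size)           /* reject, do not truncate */
        return -1;
    memcpy(name, line, len);
    name[len] = '\0';
    return 0;
}

int main(void)
{
    char name[GLYPH_NAME_SIZE];
    char longline[512] = "STARTCHAR ";     /* constructed overlong input */

    memset(longline + 10, 'A', 300);       /* 300-byte name, rest is NUL */
    printf("normal:   %d\n", parse_startchar("STARTCHAR A\n", name, sizeof name));
    printf("overlong: %d\n", parse_startchar(longline, name, sizeof name));
    return 0;
}
```

Rejecting the overlong token, rather than silently truncating it, lets the caller treat the font file as malformed and stop parsing.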

References

CVE Name CVE-2013-6462
URL http://lists.x.org/archives/xorg-announce/2014-January/002389.html