CVE-2014-0210
Publication date 13 May 2014
Last updated 24 July 2024
Ubuntu priority
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.
Status
Package | Ubuntu Release | Status |
---|---|---|
libxfont | 14.04 LTS trusty |
Not affected
|
Notes
mdeslaur
trusty and later are built with --disable-fc, so this shouldn’t be an issue. Adding patch anyway for completeness’ sake.
Patch details
Package | Patch details |
---|---|
libxfont |
References
Related Ubuntu Security Notices (USN)
- USN-2211-1
- libXfont vulnerabilities
- 14 May 2014