Bug 740961 (CVE-2010-4819)

Summary: CVE-2010-4819 X.org: ProcRenderAddGlyphs input sanitization flaw
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: ajax, jlieskov, rcvalle, xgl-maint
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-06 18:18:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 741649, 741650, 741651, 741652, 741654, 741688    
Bug Blocks: 740962    

Description Vincent Danen 2011-09-23 21:55:06 UTC 
It was reported [1] that ProcRenderAddGlyphs() suffered from an input sanitization flaw.  This could allow a local attacker to possibly expose arbitrary memory or crash the X server.

This has been fixed upstream [2].

[1] https://bugs.freedesktop.org/show_bug.cgi?id=28801
[2] http://cgit.freedesktop.org/xorg/xserver/commit/render/render.c?id=5725849a1b427cd4a72b84e57f211edb35838718
Comment 1 Vincent Danen 2011-09-23 22:02:09 UTC 
This doesn't affect Fedora 14+ (xorg-server-1.9.5) as the patch in [2] is applied.
Comment 11 errata-xmlrpc 2011-10-06 17:46:25 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2011:1359 https://rhn.redhat.com/errata/RHSA-2011-1359.html
Comment 12 errata-xmlrpc 2011-10-06 18:07:43 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2011:1360 https://rhn.redhat.com/errata/RHSA-2011-1360.html