Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1519082 - (CVE-2017-16611) CVE-2017-16611 libXfont: User can trigger arbitrary file read by X server causing a DoS
CVE-2017-16611 libXfont: User can trigger arbitrary file read by X server cau...
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20171125,reported=2...
: Security
Depends On: 1519083 1519084
Blocks: 1519085
  Show dependency treegraph
 
Reported: 2017-11-30 00:42 EST by Sam Fowler
Modified: 2017-11-30 23:30 EST (History)
10 users (show)

See Also:
Fixed In Version: libXfont 1.5.4, libXfont2 2.0.3
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-11-30 23:30:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Sam Fowler 2017-11-30 00:42:54 EST 
A low privileged user can create symlinks to trigger arbitrary file reads by X server. Under certain configurations, a user can create a symlink to special files (e.g. /dev/watchdog) to cause a denial of service.

A non-privileged X client can instruct X server running under root to open any file by creating a directory with symlinks(s) named "fonts.dir", "fonts.alias" or any font file to link to any other file in the system. X server will follow the symlink and open and read the file. When opened and under certain configurations, special files like /dev/watchdog can trigger system operations (e.g. reboot).

References:
http://openwall.com/lists/oss-security/2017/11/28/7
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?h=libXfont-1.5-branch&id=5ed8ac0e4f063825b8ecda48e9a111d3ce92e825
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=7b377456f95d2ec3ead40f4fb74ea620191f88c8
Comment 1 Sam Fowler 2017-11-30 00:43:16 EST 
Created libXfont tracking bugs for this issue:

Affects: fedora-all [bug 1519084]


Created libXfont2 tracking bugs for this issue:

Affects: fedora-all [bug 1519083]
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.