Описание
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-16611
- https://bugzilla.suse.com/show_bug.cgi?id=1050459
- https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html
- https://marc.info/?l=freedesktop-xorg-announce&m=151188044218304&w=2
- https://marc.info/?l=freedesktop-xorg-announce&m=151188049718337&w=2
- https://security.gentoo.org/glsa/201801-10
- http://security.cucumberlinux.com/security/details.php?id=155
- http://www.openwall.com/lists/oss-security/2017/11/28/7
- http://www.ubuntu.com/usn/USN-3500-1
Связанные уязвимости
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker ...
Уязвимость библиотеки LibXfont, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю вызвать отказ в обслуживании