Upstream information
Description
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
National Vulnerability Database | |
---|---|
Base Score | 9.3 |
Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | Complete |
Integrity Impact | Complete |
Availability Impact | Complete |
SUSE Security Advisories:
- SUSE-SU-2014:0219-1, published Tue Feb 11 10:04:11 MST 2014
- SUSE-SU-2014:0881-1, published Wed Jul 9 12:04:13 MDT 2014
- TID7021434, published Sa 3. Mär 12:00:37 CET 2018
- TID7021676, published Sa 3. Mär 10:24:18 CET 2018
- TID7021738, published Sa 19. Mai 14:06:46 CEST 2018 openSUSE-SU-2014:0073-1 openSUSE-SU-2014:0075-1
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Enterprise Storage 6 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP1 GA libXfont-devel-1.5.4-1.17 |
SUSE Enterprise Storage 7.1 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP3 GA libXfont-devel-1.5.4-1.17 |
SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP2 GA libXfont-devel-1.5.4-1.17 |
SUSE Linux Enterprise Desktop 11 SP2 |
| Patchnames: sdksp2-xorg-x11-devel sledsp2-xorg-x11-devel |
SUSE Linux Enterprise Desktop 11 SP3 |
| Patchnames: sdksp3-xorg-x11-devel sledsp3-xorg-x11-devel |
SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA xorg-x11-devel-32bit-7.4-8.26.44.1 |
SUSE Linux Enterprise Desktop 12 SP1 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP1 GA libXfont1-1.4.7-4.1 SUSE Linux Enterprise Software Development Kit 12 SP1 GA libXfont-devel-1.4.7-4.1 |
SUSE Linux Enterprise Desktop 12 SP2 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP2 GA libXfont1-1.5.1-10.3 SUSE Linux Enterprise Software Development Kit 12 SP2 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Desktop 12 SP3 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP3 GA libXfont1-1.5.1-10.3 SUSE Linux Enterprise Software Development Kit 12 SP3 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Desktop 12 SP4 |
| Patchnames: SUSE Linux Enterprise Desktop 12 SP4 GA libXfont1-1.5.1-11.3.12 SUSE Linux Enterprise Software Development Kit 12 SP4 GA libXfont-devel-1.5.1-11.3.12 |
SUSE Linux Enterprise Desktop 12 |
| Patchnames: SUSE Linux Enterprise Desktop 12 GA libXfont1-1.4.7-2.9 SUSE Linux Enterprise Software Development Kit 12 GA libXfont-devel-1.4.7-2.9 |
SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP4 GA libXfont-devel-1.5.4-1.17 |
SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 SP5 GA libXfont-devel-1.5.4-1.17 |
SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15 |
| Patchnames: SUSE Linux Enterprise Module for Basesystem 15 GA libXfont-devel-1.5.4-1.17 |
SUSE Linux Enterprise High Performance Computing 12 SP5 |
| Patchnames: SUSE Linux Enterprise High Performance Computing 12 SP5 GA libXfont1-1.5.1-11.3.12 |
SUSE Linux Enterprise Server 11 SP1-LTSS |
| Patchnames: slessp1-xorg-x11-devel |
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2 |
| Patchnames: sdksp2-xorg-x11-devel slessp2-xorg-x11-devel |
SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP3 |
| Patchnames: sdksp3-xorg-x11-devel slessp3-xorg-x11-devel |
SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA xorg-x11-libs-32bit-7.4-8.26.44.1 SUSE Linux Enterprise Software Development Kit 11 SP4 GA xorg-x11-devel-32bit-7.4-8.26.44.1 |
SUSE Linux Enterprise Server 12 SP1 |
| Patchnames: SUSE Linux Enterprise Server 12 SP1 GA libXfont1-1.4.7-4.1 SUSE Linux Enterprise Software Development Kit 12 SP1 GA libXfont-devel-1.4.7-4.1 |
SUSE Linux Enterprise Server 12 SP2 |
| Patchnames: SUSE Linux Enterprise Server 12 SP2 GA libXfont1-1.5.1-10.3 SUSE Linux Enterprise Software Development Kit 12 SP2 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Server 12 SP3 |
| Patchnames: SUSE Linux Enterprise Server 12 SP3 GA libXfont1-1.5.1-10.3 SUSE Linux Enterprise Software Development Kit 12 SP3 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Server 12 SP4 |
| Patchnames: SUSE Linux Enterprise Server 12 SP4 GA libXfont1-1.5.1-11.3.12 SUSE Linux Enterprise Software Development Kit 12 SP4 GA libXfont-devel-1.5.1-11.3.12 |
SUSE Linux Enterprise Server 12 SP5 |
| Patchnames: SUSE Linux Enterprise Server 12 SP5 GA libXfont1-1.5.1-11.3.12 SUSE Linux Enterprise Software Development Kit 12 SP5 GA libXfont-devel-1.5.1-11.3.12 |
SUSE Linux Enterprise Server 12 |
| Patchnames: SUSE Linux Enterprise Server 12 GA libXfont1-1.4.7-2.7 SUSE Linux Enterprise Software Development Kit 12 GA libXfont-devel-1.4.7-2.9 |
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 |
| Patchnames: SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libXfont1-1.5.1-10.3 |
SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP1 GA libXfont-devel-1.4.7-4.1 |
SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP2 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP3 GA libXfont-devel-1.5.1-10.3 |
SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP4 GA libXfont-devel-1.5.1-11.3.12 |
SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA libXfont-devel-1.5.1-11.3.12 |
SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Software Development Kit 12 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 GA libXfont-devel-1.4.7-2.9 |
SUSE Linux Enterprise Software Development Kit 11 SP2 |
| Patchnames: sdksp2-xorg-x11-devel |
SUSE Linux Enterprise Software Development Kit 11 SP3 |
| Patchnames: sdksp3-xorg-x11-devel |
openSUSE Leap 15.3 |
| Patchnames: openSUSE Leap 15.3 GA libXfont1-1.5.4-1.17 |
openSUSE Leap 15.4 |
| Patchnames: openSUSE Leap 15.4 GA libXfont1-1.5.4-1.17 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-10299 |
First public cloud image revisions this CVE is fixed in:
- google/sles-15-sp3-sapcal-v20210812
- google/sles-15-sp3-v20210812
- microsoft/suse-sles-15-sp3-sapcal-v20220120
SUSE Timeline for this CVE
CVE page created: Wed Dec 11 13:55:33 2013CVE page last modified: Thu Jul 25 12:28:02 2024