|Related CVE||CVE-2018-14598 CVE-2018-14599 CVE-2018-14600|
Several issues were discovered in libx11, the client interface to the X Windows System. The functions XGetFontPath, XListExtensions, and XListFonts are vulnerable to an off-by-one override on malicious server responses. A malicious server could also send a reply in which the first string overflows, causing a variable set to NULL that will be freed later on, leading to a segmentation fault and Denial of Service. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to a Denial of Service or possibly remote code execution.
For Debian 7 Wheezy, these problems have been fixed in version 2:1.5.0-1+deb7u5.
We recommend that you upgrade your libx11 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/