USN-1502-1: X.Org X Server vulnerability
11 July 2012
The X.Org X server could be made to crash if a specially crafted input device was added.
Releases
Packages
- xorg-server - X.Org X server
Details
Ken Mixter discovered a format string vulnerability in the
LogVHdrMessageVerb function when handling input device names. This
could allow a local attacker to cause a denial of service or possibly
execute arbitrary code.
The default compiler options for the affected release should reduce
the vulnerability to a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04
After a standard system update you need to reboot your computer to make
all the necessary changes.