CVE-2011-4029
Published: 18 October 2011
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
Priority
Status
Package | Release | Status |
---|---|---|
xorg-server Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(2:1.7.6-2ubuntu7.8)
|
|
maverick |
Released
(2:1.9.0-0ubuntu7.5)
|
|
natty |
Released
(2:1.10.1-1ubuntu1.3)
|
|
oneiric |
Released
(2:1.10.4-1ubuntu4.1)
|
|
upstream |
Needs triage
|