CVE-2017-13720

Published: 05 October 2017

In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because '\0' characters are incorrectly skipped in situations involving ? characters.

Priority

Low

CVSS 3 base score: 7.1

Status

Package Release Status
libxfont
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:1.5.1-1ubuntu0.16.04.3)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1:1.4.7-1ubuntu0.3)
Patches:
Upstream: https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d1e670a4a8704b8708e493ab6155589bcd570608
libxfont1
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

libxfont2
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:2.0.1-3~ubuntu16.04.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist