X.org security fixes address potential ASLR bypass, heap corruption
([Security] Jul 31, 2020 17:38 UTC (Fri) (coogle))
- Reference: 0000827701
- News link: https://lwn.net/Articles/827701/
- Source link:
The X.Org project has announced two security advisories that impact Xserver and libX11. The [1]first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to [2]address space layout randomization bypass . [3]The second , impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.
[1] https://lwn.net/Articles/827704
[2] https://en.wikipedia.org/wiki/Address_space_layout_randomization
[3] https://lwn.net/Articles/827705
[1] https://lwn.net/Articles/827704
[2] https://en.wikipedia.org/wiki/Address_space_layout_randomization
[3] https://lwn.net/Articles/827705