CVE-2013-4396

Publication date 10 October 2013

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

Status

Package Ubuntu Release Status
xorg-server 13.04 raring
Fixed 2:1.13.3-0ubuntu6.2
12.10 quantal
Fixed 2:1.13.0-0ubuntu6.4
12.04 LTS precise
Fixed 2:1.11.4-0ubuntu10.14
10.04 LTS lucid Ignored end of life
xorg-server-lts-quantal 13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise
Fixed 2:1.13.0-0ubuntu6.1~precise4
10.04 LTS lucid Not in release
xorg-server-lts-raring 13.04 raring Not in release
12.10 quantal Not in release
12.04 LTS precise
Fixed 2:1.13.3-0ubuntu6~precise3
10.04 LTS lucid Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-1990-1
    • X.Org X server vulnerabilities
    • 17 October 2013

Other references