Wind River Support Network


LIN6-7584 : Security Advisory - libxfont - CVE-2014-0209

Created: Jun 2, 2014    Updated: Dec 3, 2018
Resolved Date: Jun 17, 2014
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace


Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.

Other Downloads

Live chat