X.Org Hit Hard By A Large Batch Of Security Vulnerabilities
The X.Org Foundation announced publicly today, "Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way the X server code base handles requests from X clients, and has worked with X.Org's security team to analyze, confirm, and fix these issues."
These latest vulnerabilities can lead to a denial of service or lead to arbitrary code execution. These issues date back to the 80's and 90's -- thus affecting most X.Org running systems out there. The oldest of these vulnerabilities go back to 1987 with X11 core protocol requests.
These issues have been known privately for some time to the developers while today the advisories are going out publicly. There's a lot of them and just how bad the situation is depends upon your X.Org configuration. "How critical these vulnerabilities are to any given installation depends on whether they run an X server with root privileges or reduced privileges; whether they run X servers exposed to network clients or limited to local connections; and whether or not they allow use of the affected protocol extensions, especially the GLX extension."
Among the vulnerabilities are an unchecked malloc in client authentication leading to a potential denial of service, integer overflows, and out of bounds access due to not checking lengths/offsets in requests. The issued CVEs include CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, and CVE-2014-8103.
Fixes for these X.Org issues are currently in Git form and should appear out in fully released form soon. More details via the big security advisory. NVIDIA also issued this statement concerning the vulnerabilities that affect their graphics drivers.