RHEL 5 : xorg-x11-server (RHSA-2012:0303)

low Nessus Plugin ID 58057

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated xorg-x11-server packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

A flaw was found in the way the X.Org server handled lock files. A local user with access to the system console could use this flaw to determine the existence of a file in a directory not accessible to the user, via a symbolic link attack. (CVE-2011-4028)

Red Hat would like to thank the researcher with the nickname vladz for reporting this issue.

This update also fixes the following bugs :

* In rare cases, if the front and back buffer of the miDbePositionWindow() function were not both allocated in video memory, or were both allocated in system memory, the X Window System sometimes terminated unexpectedly. A patch has been provided to address this issue and X no longer crashes in the described scenario.
(BZ#596899)

* Previously, when the miSetShape() function called the miRegionDestroy() function with a NULL region, X terminated unexpectedly if the backing store was enabled. Now, X no longer crashes in the described scenario. (BZ#676270)

* On certain workstations running in 32-bit mode, the X11 mouse cursor occasionally became stuck near the left edge of the X11 screen. A patch has been provided to address this issue and the mouse cursor no longer becomes stuck in the described scenario. (BZ#529717)

* On certain workstations with a dual-head graphics adapter using the r500 driver in Zaphod mode, the mouse pointer was confined to one monitor screen and could not move to the other screen. A patch has been provided to address this issue and the mouse cursor works properly across both screens. (BZ#559964)

* Due to a double free operation, Xvfb (X virtual framebuffer) terminated unexpectedly with a segmentation fault randomly when the last client disconnected, that is when the server reset. This bug has been fixed in the miDCCloseScreen() function and Xvfb no longer crashes. (BZ#674741)

* Starting the Xephyr server on an AMD64 or Intel 64 architecture with an integrated graphics adapter caused the server to terminate unexpectedly. This bug has been fixed in the code and Xephyr no longer crashes in the described scenario. (BZ#454409)

* Previously, when a client made a request bigger than 1/4th of the limit advertised in the BigRequestsEnable reply, the X server closed the connection unexpectedly. With this update, the maxBigRequestSize variable has been added to the code to check the size of client requests, thus fixing this bug. (BZ#555000)

* When an X client running on a big-endian system called the XineramaQueryScreens() function, the X server terminated unexpectedly.
This bug has been fixed in the xf86Xinerama module and the X server no longer crashes in the described scenario. (BZ#588346)

* When installing Red Hat Enterprise Linux 5 on an IBM eServer System p blade server, the installer did not set the correct mode on the built-in KVM (Keyboard-Video-Mouse). Consequently, the graphical installer took a very long time to appear and then was displayed incorrectly. A patch has been provided to address this issue and the graphical installer now works as expected in the described scenario.
Note that this fix requires the Red Hat Enterprise Linux 5.8 kernel update. (BZ#740497)

* Lines longer than 46,340 pixels can be drawn with one of the coordinates being negative. However, for dashed lines, the miPolyBuildPoly() function overflowed the 'int' type when setting up edges for a section of a dashed line. Consequently, dashed segments were not drawn at all. An upstream patch has been applied to address this issue and dashed lines are now drawn correctly. (BZ#649810)

All users of xorg-x11-server are advised to upgrade to these updated packages, which correct these issues. All running X.Org server instances must be restarted for this update to take effect.

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2012:0303

https://access.redhat.com/security/cve/cve-2011-4028

Plugin Details

Severity: Low

ID: 58057

File Name: redhat-RHSA-2012-0303.nasl

Version: 1.23

Type: local

Agent: unix

Published: 2/21/2012

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 1.2

Temporal Score: 0.9

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xorg, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-debuginfo, cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xnest, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xvnc-source, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-sdk, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xdmx, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xvfb, p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-xephyr

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 2/21/2012

Vulnerability Publication Date: 7/3/2012

Reference Information

CVE: CVE-2011-4028

BID: 50193

RHSA: 2012:0303