Submitted by KeesCook on Mon, 2005-09-12 12:03
Referenced CVEs:
CAN-2005-2495
Description:
===========================================================
Ubuntu Security Notice USN-182-1 September 12, 2005
xorg, xfree86 vulnerabilities
CAN-2005-2495
===========================================================
A security issue affects the following Ubuntu releases:

  Ubuntu 4.10 (Warty Warthog)
  Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

  xserver-xfree86
  xserver-xorg

The problem can be corrected by upgrading the affected package to
version 4.3.0.dfsg.1-6ubuntu25.3 (for Ubuntu 4.10), or 6.8.2-10.1 (for
Ubuntu 5.04). After a standard system upgrade you need to restart your
X session to effect the necessary changes.

Details follow:

A local privilege escalation vulnerability has been discovered in the
pixmap allocation handling of the X server. By allocating a huge
pixmap, a local user could trigger an integer overflow that resulted
in a memory allocation that was too small for the requested pixmap.
This resulted in a buffer overflow which could eventually be exploited
to execute arbitrary code with full root privileges.
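
The failure mode described above, as an added example that is not the X server's code and not part of the original notice: a size computed in 32-bit arithmetic wraps for a huge pixmap, shown next to a checked version that refuses the request. The function names, the width/height/bytes-per-pixel parameters and the sample dimensions are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper. Unchecked size computation in 32-bit arithmetic:
 * the product wraps modulo 2^32, so a huge pixmap can yield a small
 * byte count. bpp is bytes per pixel. */
uint32_t pixmap_bytes_unchecked(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Hypothetical helper. Checked computation: returns 0 and stores the byte
 * count in *out, or -1 if a dimension is zero or the product does not fit
 * in 32 bits. */
int pixmap_bytes_checked(uint32_t width, uint32_t height, uint32_t bpp,
                         uint32_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    if (width > UINT32_MAX / bpp)
        return -1;                      /* width * bpp would wrap */
    uint32_t stride = width * bpp;
    if (height > UINT32_MAX / stride)
        return -1;                      /* stride * height would wrap */
    *out = stride * height;
    return 0;
}

/* Allocate zeroed pixel storage, refusing requests whose size overflows. */
void *pixmap_alloc(uint32_t width, uint32_t height, uint32_t bpp)
{
    uint32_t nbytes;
    if (pixmap_bytes_checked(width, height, bpp, &nbytes) != 0)
        return NULL;
    return calloc(1, nbytes);
}

int main(void)
{
    /* Constructed sample request: 32768 x 32769 pixels, 4 bytes each. */
    uint32_t w = 32768, h = 32769, bpp = 4;
    printf("unchecked size: %u bytes\n",
           (unsigned)pixmap_bytes_unchecked(w, h, bpp));
    printf("checked alloc:  %s\n",
           pixmap_alloc(w, h, bpp) ? "granted" : "refused");
    return 0;
}
```

The true size of the sample request is about 4 GiB, while the unchecked computation reports 128 KiB; any code that then writes pixel data using the requested dimensions runs past the end of that allocation.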


