X.Org security advisory: CVE-2013-4396: Use after free in Xserver handling of ImageText requests

Jeremy C. Reed reed at reedmedia.net
Mon Nov 18 10:48:20 PST 2013


On Tue, 8 Oct 2013, Alan Coopersmith wrote:

> Pedro Ribeiro (pedrib at gmail.com) reported an issue to the X.Org 
> security team in which an authenticated X client can cause an X server 
> to use memory after it was freed, potentially leading to crash and/or 
> memory corruption.

Does this happen unknown to the authenticated user, where the X server 
crashes?  Or does the authenticated user actually need some instrumented 
malicious client to cause the crash? Does the memory corruption allow 
running some code on the server with different privileges?

Does X.org Security use CVSS or some other measurement to decide if a 
bug is a security vulnerability? If so, where documented? Thanks.

