X marks the Linux security hole

Another graphical problem.

The X.Org Foundation and several Linux vendors have released updates for the X Window System technology on which most Linux graphical front-ends are based, fixing serious security flaws in a graphics-manipulation component.

A number of bugs in libXpm, a library used for manipulating pixmaps, could allow an attacker to execute malicious code on a Linux system, X.Org said in an advisory last week. The bugs, including integer overflows, out-of-bounds memory accesses, insecure path traversal and an endless loop, could be exploited by tricking a user into viewing a specially crafted pixmap file with one of the many applications that rely on libXpm, X.Org said.

X.Org published a patch last week, and Linux vendors including Suse, Red Hat and Gentoo have followed up with their own patches. The flawed library is found in both XFree86 and X.Org, two separate implementations of the X Window System. Danish security firm Secunia, which maintains a database of vulnerabilities, rated the bugs as "highly critical", its second-highest ranking out of five.

The bugs are related to earlier problems with libXpm that surfaced in September. After those bugs surfaced, "a more extensive security audit was made", X.Org said in its warning. The bugs affect X.Org releases up to and including R6.8.1, and are likely to affect any other products that include the library, such as lesstif and OpenMotif, the organisation said.

Many imaging-related flaws have surfaced this year, including bugs in the Mozilla Foundation's browsers, a serious Microsoft vulnerability in decoding JPEG images, and further bugs in the imlib library, Qt and Internet Explorer.





