Main Vulnerability Database SB2018010807

SB2018010807 - Gentoo update for LibXfont, LibXfont2

Published: January 8, 2018

Security Bulletin ID SB2018010807

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Privilege escalation (CVE-ID: CVE-2017-16611)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper privileges control. A local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.

Remediation

Install update from vendor's website.

References

https://security.gentoo.org/glsa/201801-10