Debian Security Advisory

DLA-120-2 xorg-server -- LTS security update

Date Reported:
04 May 2015
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-3418.
More information:

Andreas Cord-Landwehr reported an issue where the X.Org Xserver would often crash with an arithmetic exception when maximizing application windows.

This issue (CVE-2015-3418) is a regression which got introduced by fixing CVE-2014-8092. The above referenced version of xorg-server in Debian squeeze-lts fixes this regression in the following way:

The length checking code validates PutImage height and byte width by making sure that byte-width >= INT32_MAX / height. If height is zero, this generates a divide by zero exception. Allow zero height requests explicitly, bypassing the INT32_MAX check (in dix/dispatch.c).

For Debian 6 Squeeze, these issues have been fixed in xorg-server version 2:1.7.7-18+deb6u3