Patch/Configuration Management, Vulnerability Management

Audit uncovers major Linux flaw

A Department of Homeland Security (DHS) audit has uncovered a major flaw in the X Window System used by open-source users.

Vulnerability monitoring firm Secunia said today that the flaw was "moderately critical. It was caused due to a buffer size calculation error within the X Render extension triangle handling code, according to a Secunia advisory.

Secunia recommended that affected users apply an available patch for the flaw.

Coverity, a San Francisco-based company auditing open-source security for DHS, found the flaw, calling it the biggest X Window flaw found in years, according to a report by eWeek.

The flaw could be used to allow local users to execute code with root privileges, according to Secunia's report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.