Main Vulnerability Database SB2017112915

SB2017112915 - Ubuntu update for libXfont

Published: November 29, 2017

Security Bulletin ID SB2017112915

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Privilege escalation (CVE-ID: CVE-2017-16611)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper privileges control. A local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.

Remediation

Install update from vendor's website.

References

http://www.ubuntu.com/usn/usn-3500-1/