FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libXfont -- permission bypass when opening files through symlinks

Affected packages
libXfont < 1.5.4
libXfont2 < 2.0.3


VuXML ID 08a125f3-e35a-11e7-a293-54e1ad3d6335
Discovery 2017-11-25
Entry 2017-12-17

The project reports:

A non-privileged X client can instruct an X server running under root to open any file by creating its own directory with "fonts.dir", "fonts.alias" or any font file being a symbolic link to any other file in the system. The X server will then open it. This can be an issue with special files such as /dev/watchdog.


CVE Name CVE-2017-16611
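
One way a privileged process can guard against the symlink behaviour described above, as an added example that is not code from libXfont or from this advisory. The names open_font_entry and demo, and the temporary paths, are hypothetical and the fixture is constructed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not libXfont's API): open a font-path entry the way a
 * privileged server should, refusing symlinks and anything but regular files. */
int open_font_entry(const char *path)
{
    struct stat st;
    /* O_NOFOLLOW: fail (ELOOP) if the final path component is a symlink.
     * O_NONBLOCK: do not block on a FIFO before it can be inspected. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* fstat the descriptor, not the path, so the type check cannot be raced. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    return fd;
}

/* Constructed fixture: a client-owned directory whose fonts.dir is a symlink.
 * Returns 1 when the regular file is accepted and the symlink is rejected. */
int demo(void)
{
    char dir[] = "/tmp/fontdemoXXXXXX", real[64], lnk[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(real, sizeof real, "%s/real.pcf", dir);
    snprintf(lnk, sizeof lnk, "%s/fonts.dir", dir);
    FILE *f = fopen(real, "w");
    if (!f) return -1;
    fputs("constructed\n", f); fclose(f);
    if (symlink(real, lnk) != 0) return -1;

    int ok_fd = open_font_entry(real);  /* regular file: accepted */
    int bad_fd = open_font_entry(lnk);  /* symlink: rejected before the target is opened */
    int result = (ok_fd >= 0) && (bad_fd < 0);
    if (ok_fd >= 0) close(ok_fd);
    if (bad_fd >= 0) close(bad_fd);
    unlink(lnk); unlink(real); rmdir(dir);
    return result;
}
int main(void) { return demo() == 1 ? 0 : 1; }
```

O_NOFOLLOW applies only to the final path component, so symbolic links in parent directories are still followed.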