The vulnerability is due to a stack buffer overflow in LibXcomps, which can be exploited by malicious attackers to execute arbitrary code on the affected device. LibXcomps is a shared library that implements various graphics-related functions in the Linux operating system. LibXcomps is used by various applications on Linux systems, such as X11/X server, Xephyr, X.org, GNOME, KDE, Compiz, LXDE, etc.
The LibXcomps bug has been assigned the CVE-2019-1135. If a user’s system is affected by this issue, users are advised to upgrade to the latest version of LibXcomps, which fixes this issue. LibXcomps is released under the GNU General Public License version 3, so the source code is available for anyone who wants to fix this issue.
References:
* https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1135
* https://github.com/libxcomps
How to Check if LibXcomps is Installed?
To check whether LibXcomps is installed on the system, use the following command:
which xcompmgr
If it is not installed, then type this command to install it:
sudo apt-get install libxcomps-dev
Timeline
Published on: 05/10/2022 21:15:00 UTC
Last modified on: 05/19/2022 20:30:00 UTC