Red Hat plugs hole

Linux supplier Red warns users to download a patch to stop intruders taking over systems.

Linux supplier Red Hat is warning users of its enterprise systems to download a patch to stop intruders taking over their systems.

The vulnerability affects open source XFree86, an implementation of the X Window System that provides low-level graphics functionality for graphical user interface systems, such as KDE and Gnome.

The flaw is an integer overflow in the libXpm library, which is part of XFree86. The library is used by some applications to open XPM images, and an attacker could use a malicious XPM file to execute code on a user's system.

Updated XFree86 packages that fix the libXpm integer overflow flaw are now available from Red Hat.

More information is available at:

Read more on IT risk management