A heap bufferflow in pcfReadFont() due to missing glyph bounds checking in libXfont2 before 2.0.8 allows attackers authenticated as X client to execute code within the X server.
{ "binaries": [ { "binary_name": "libxfont1", "binary_version": "1:1.4.7-1ubuntu0.4" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56002.json"
{ "binaries": [ { "binary_name": "libxfont1", "binary_version": "1:1.5.1-1ubuntu0.16.04.4" } ] }
{ "binaries": [ { "binary_name": "libxfont2", "binary_version": "1:2.0.1-3~ubuntu16.04.3" } ] }
{ "binaries": [ { "binary_name": "libxfont2", "binary_version": "1:2.0.3-1" } ] }
{ "binaries": [ { "binary_name": "libxfont2", "binary_version": "1:2.0.5-1build1" } ] }
{ "binaries": [ { "binary_name": "libxfont2", "binary_version": "1:2.0.6-1build1" } ] }
{ "binaries": [ { "binary_name": "libxfont2", "binary_version": "1:2.0.6-2" } ] }