The X.Org X server could be made to crash if a specially crafted input device was added. Updated packages are available from security.ubuntu.com.
========================================================================== Ubuntu Security Notice USN-1502-1 July 11, 2012 xorg-server vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: The X.Org X server could be made to crash if a specially crafted input device was added. Software Description: - xorg-server: X.Org X server Details: Ken Mixter discovered a format string vulnerability in the LogVHdrMessageVerb function when handling input device names. This could allow a local attacker to cause a denial of service or possibly execute arbitrary code. The default compiler options for the affected release should reduce the vulnerability to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: xserver-xorg-core 2:1.11.4-0ubuntu10.5 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1502-1 CVE-2012-2118 Package Information: https://launchpad.net/ubuntu/+source/xorg-server/2:1.11.4-0ubuntu10.5