CVE-2013-1994

Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
openchromeopenchrome
𝑥
≤ 0.3.2
xlibchromexvmc
-
xlibchromexvmcpro
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xserver-xorg-video-openchrome
bookworm
1:0.6.0-5
fixed
bullseye
1:0.6.0-4
fixed
sid
1:0.6.0-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xserver-xorg-video-openchrome
lucid
ignored
precise
Fixed 1:0.2.904+svn1050-1ubuntu0.1
released
quantal
Fixed 1:0.3.1-0ubuntu1.12.10.1
released
raring
Fixed 1:0.3.1-0ubuntu1.13.04.1
released
xserver-xorg-video-openchrome-lts-quantal
lucid
dne
precise
Fixed 1:0.3.1-0ubuntu1~precise3
released
quantal
dne
raring
dne
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
glx-utils
RHEL 6
0:10.1.2-2.el6
fixed
intel-gpu-tools
RHEL 6
0:2.99.911-6.el6
fixed
libdrm
RHEL 6
0:2.4.52-4.el6
fixed
libdrm-devel
RHEL 6
0:2.4.52-4.el6
fixed
libpciaccess
RHEL 6
0:0.13.3-0.1.el6
fixed
libpciaccess-devel
RHEL 6
0:0.13.3-0.1.el6
fixed
libwacom
RHEL 6
0:0.8-1.el6
fixed
libwacom-data
RHEL 6
0:0.8-1.el6
fixed
libwacom-devel
RHEL 6
0:0.8-1.el6
fixed
mesa-demos
RHEL 6
0:10.1.2-2.el6
fixed
mesa-dri-drivers
RHEL 6
0:10.1.2-2.el6
fixed
mesa-dri-filesystem
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libEGL
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libEGL-devel
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libGL
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libGL-devel
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libGLU
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libGLU-devel
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libOSMesa
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libOSMesa-devel
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libgbm
RHEL 6
0:10.1.2-2.el6
fixed
mesa-libgbm-devel
RHEL 6
0:10.1.2-2.el6
fixed
mesa-private-llvm
RHEL 6
0:3.4-3.el6
fixed
mesa-private-llvm-devel
RHEL 6
0:3.4-3.el6
fixed
pixman
RHEL 6
0:0.32.4-4.el6
fixed
pixman-devel
RHEL 6
0:0.32.4-4.el6
fixed
xcb-util
RHEL 6
0:0.3.6-5.el6
fixed
xcb-util-devel
RHEL 6
0:0.3.6-5.el6
fixed
xcb-util-image
RHEL 6
0:0.3.9-4.el6
fixed
xcb-util-image-devel
RHEL 6
0:0.3.9-4.el6
fixed
xcb-util-keysyms
RHEL 6
0:0.3.9-5.el6
fixed
xcb-util-keysyms-devel
RHEL 6
0:0.3.9-5.el6
fixed
xcb-util-wm
RHEL 6
0:0.3.9-5.el6
fixed
xcb-util-wm-devel
RHEL 6
0:0.3.9-5.el6
fixed
xorg-x11-apps
RHEL 6
0:7.7-6.el6
fixed
xorg-x11-drv-acecad
RHEL 6
0:1.5.0-7.el6
fixed
xorg-x11-drv-aiptek
RHEL 6
0:1.4.1-5.el6
fixed
xorg-x11-drv-apm
RHEL 6
0:1.2.5-10.el6
fixed
xorg-x11-drv-ast
RHEL 6
0:0.98.0-1.el6
fixed
xorg-x11-drv-ati
RHEL 6
0:7.3.99-2.el6
fixed
xorg-x11-drv-ati-firmware
RHEL 6
0:7.3.99-2.el6
fixed
xorg-x11-drv-cirrus
RHEL 6
0:1.5.2-2.el6
fixed
xorg-x11-drv-dummy
RHEL 6
0:0.3.6-15.el6
fixed
xorg-x11-drv-elographics
RHEL 6
0:1.4.1-3.el6
fixed
xorg-x11-drv-evdev
RHEL 6
0:2.8.2-4.el6
fixed
xorg-x11-drv-evdev-devel
RHEL 6
0:2.8.2-4.el6
fixed
xorg-x11-drv-fbdev
RHEL 6
0:0.4.3-16.el6
fixed
xorg-x11-drv-fpit
RHEL 6
0:1.4.0-6.el6
fixed
xorg-x11-drv-geode
RHEL 6
0:2.11.15-1.el6
fixed
xorg-x11-drv-glint
RHEL 6
0:1.2.8-10.el6
fixed
xorg-x11-drv-hyperpen
RHEL 6
0:1.4.1-5.el6
fixed
xorg-x11-drv-i128
RHEL 6
0:1.3.6-10.el6
fixed
xorg-x11-drv-i740
RHEL 6
0:1.3.4-11.el6
fixed
xorg-x11-drv-intel
RHEL 6
0:2.99.911-6.el6
fixed
xorg-x11-drv-intel-devel
RHEL 6
0:2.99.911-6.el6
fixed
xorg-x11-drv-keyboard
RHEL 6
0:1.8.0-1.el6
fixed
xorg-x11-drv-mach64
RHEL 6
0:6.9.4-8.el6
fixed
xorg-x11-drv-mga
RHEL 6
0:1.6.3-5.el6
fixed
xorg-x11-drv-modesetting
RHEL 6
0:0.8.0-14.el6
fixed
xorg-x11-drv-mouse
RHEL 6
0:1.9.0-1.el6
fixed
xorg-x11-drv-mouse-devel
RHEL 6
0:1.9.0-1.el6
fixed
xorg-x11-drv-mutouch
RHEL 6
0:1.3.0-5.el6
fixed
xorg-x11-drv-neomagic
RHEL 6
0:1.2.7-7.el6
fixed
xorg-x11-drv-nouveau
RHEL 6
1:1.0.10-1.el6
fixed
xorg-x11-drv-nv
RHEL 6
0:2.1.20-5.el6
fixed
xorg-x11-drv-openchrome
RHEL 6
0:0.3.3-6.el6
fixed
xorg-x11-drv-openchrome-devel
RHEL 6
0:0.3.3-6.el6
fixed
xorg-x11-drv-penmount
RHEL 6
0:1.5.0-5.el6
fixed
xorg-x11-drv-qxl
RHEL 6
0:0.1.1-15.el6
fixed
xorg-x11-drv-r128
RHEL 6
0:6.9.1-8.el6
fixed
xorg-x11-drv-rendition
RHEL 6
0:4.2.5-10.el6
fixed
xorg-x11-drv-s3virge
RHEL 6
0:1.10.6-10.el6
fixed
xorg-x11-drv-savage
RHEL 6
0:2.3.7-2.el6
fixed
xorg-x11-drv-siliconmotion
RHEL 6
0:1.7.7-9.el6
fixed
xorg-x11-drv-sis
RHEL 6
0:0.10.7-10.el6
fixed
xorg-x11-drv-sisusb
RHEL 6
0:0.9.6-10.el6
fixed
xorg-x11-drv-synaptics
RHEL 6
0:1.7.6-1.el6
fixed
xorg-x11-drv-synaptics-devel
RHEL 6
0:1.7.6-1.el6
fixed
xorg-x11-drv-tdfx
RHEL 6
0:1.4.5-10.el6
fixed
xorg-x11-drv-trident
RHEL 6
0:1.3.6-10.el6
fixed
xorg-x11-drv-v4l
RHEL 6
0:0.2.0-36.el6
fixed
xorg-x11-drv-vesa
RHEL 6
0:2.3.2-15.el6
fixed
xorg-x11-drv-vmmouse
RHEL 6
0:13.0.0-2.el6
fixed
xorg-x11-drv-vmware
RHEL 6
0:13.0.1-9.el6
fixed
xorg-x11-drv-void
RHEL 6
0:1.4.0-23.el6
fixed
xorg-x11-drv-voodoo
RHEL 6
0:1.2.5-10.el6
fixed
xorg-x11-drv-wacom
RHEL 6
0:0.23.0-4.el6
fixed
xorg-x11-drv-wacom-devel
RHEL 6
0:0.23.0-4.el6
fixed
xorg-x11-drv-xgi
RHEL 6
0:1.6.0-20.20121114git.el6
fixed
xorg-x11-glamor
RHEL 6
0:0.6.0-5.20140506gitf78901e.el6
fixed
xorg-x11-glamor-devel
RHEL 6
0:0.6.0-5.20140506gitf78901e.el6
fixed
xorg-x11-server-Xdmx
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-Xephyr
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-Xnest
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-Xorg
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-Xvfb
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-common
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-devel
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-source
RHEL 6
0:1.15.0-22.el6
fixed
xorg-x11-server-utils
RHEL 6
0:7.7-2.el6
fixed
Common Weakness Enumeration
References
http://www.debian.org/security/2013/dsa-2679
http://www.openwall.com/lists/oss-security/2013/05/23/3
http://www.ubuntu.com/usn/USN-1871-1
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
http://www.debian.org/security/2013/dsa-2679
http://www.openwall.com/lists/oss-security/2013/05/23/3
http://www.ubuntu.com/usn/USN-1871-1
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23