CVE-2017-13723
10.10.2017, 01:30
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| x.org | x_server | 𝑥 ≤ 1.19.3 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||
|---|---|---|---|---|---|---|---|
| xorg |
| ||||||
| xorg-hwe-16.04 |
| ||||||
| xorg-server |
| ||||||
| xorg-server-hwe-16.04 |
| ||||||
| xorg-server-lts-utopic |
| ||||||
| xorg-server-lts-vivid |
| ||||||
| xorg-server-lts-wily |
| ||||||
| xorg-server-lts-xenial |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| xorg-x11-server |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-Xvfb |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-extra |
|
Common Weakness Enumeration
References