CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 6.5 MEDIUM | LOCAL | LOW | LOW | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |

EPSS Score Percentile: 27%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| x.org | libxdmcp | 𝑥 < 1.1.2 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |

𝑥 = Vulnerable software versions

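Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| libxdmcp | bookworm | 1:1.1.2-3 | fixed |
| libxdmcp | bullseye | 1:1.1.2-3 | fixed |
| libxdmcp | sid | 1:1.1.2-3 | fixed |
| libxdmcp | trixie | 1:1.1.2-3 | fixed |
| libxdmcp | wheezy | | no-dsa |
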
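Ubuntu Releases

| Ubuntu Product | Codename | Fixed version | Status |
|---|---|---|---|
| libxdmcp | artful | | ignored |
| libxdmcp | bionic | 1:1.1.2-3 | released |
| libxdmcp | cosmic | | ignored |
| libxdmcp | disco | 1:1.1.2-3 | released |
| libxdmcp | eoan | 1:1.1.2-3 | released |
| libxdmcp | focal | 1:1.1.2-3 | released |
| libxdmcp | groovy | 1:1.1.2-3 | released |
| libxdmcp | hirsute | 1:1.1.2-3 | released |
| libxdmcp | impish | 1:1.1.2-3 | released |
| libxdmcp | jammy | 1:1.1.2-3 | released |
| libxdmcp | kinetic | 1:1.1.2-3 | released |
| libxdmcp | precise | | ignored |
| libxdmcp | trusty | 1:1.1.1-1ubuntu0.1~esm1 | released |
| libxdmcp | xenial | 1:1.1.2-1.1ubuntu0.1~esm1 | released |
| libxdmcp | yakkety | | ignored |
| libxdmcp | zesty | | ignored |
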
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| libXdmcp6 | suse enterprise sap 12 SP3 | 1.1.1-12.1 | fixed |
| libXdmcp6 | suse enterprise sap 12 SP5 | 1.1.1-12.1 | fixed |
| libXdmcp6 | suse enterprise server 12 SP3 | 1.1.1-12.1 | fixed |
| libXdmcp6 | suse enterprise server 12 SP4 | 1.1.1-12.1 | fixed |
| libXdmcp6 | suse enterprise server 12 SP5 | 1.1.1-12.1 | fixed |
| libXdmcp6-32bit | suse enterprise sap 12 SP3 | 1.1.1-12.1 | fixed |
| libXdmcp6-32bit | suse enterprise sap 12 SP5 | 1.1.1-12.1 | fixed |
| libXdmcp6-32bit | suse enterprise server 12 SP3 | 1.1.1-12.1 | fixed |
| libXdmcp6-32bit | suse enterprise server 12 SP4 | 1.1.1-12.1 | fixed |
| libXdmcp6-32bit | suse enterprise server 12 SP5 | 1.1.1-12.1 | fixed |

Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| drm-utils | RHEL 7 | 0:2.4.74-1.el7 | fixed |
| libICE | RHEL 7 | 0:1.0.9-9.el7 | fixed |
| libICE-devel | RHEL 7 | 0:1.0.9-9.el7 | fixed |
| libX11 | RHEL 7 | 0:1.6.5-1.el7 | fixed |
| libX11-common | RHEL 7 | 0:1.6.5-1.el7 | fixed |
| libX11-devel | RHEL 7 | 0:1.6.5-1.el7 | fixed |
| libXaw | RHEL 7 | 0:1.0.13-4.el7 | fixed |
| libXaw-devel | RHEL 7 | 0:1.0.13-4.el7 | fixed |
| libXcursor | RHEL 7 | 0:1.1.14-8.el7 | fixed |
| libXcursor-devel | RHEL 7 | 0:1.1.14-8.el7 | fixed |
| libXdmcp | RHEL 7 | 0:1.1.2-6.el7 | fixed |
| libXdmcp-devel | RHEL 7 | 0:1.1.2-6.el7 | fixed |
| libXfixes | RHEL 7 | 0:5.0.3-1.el7 | fixed |
| libXfixes-devel | RHEL 7 | 0:5.0.3-1.el7 | fixed |
| libXfont | RHEL 7 | 0:1.5.2-1.el7 | fixed |
| libXfont-devel | RHEL 7 | 0:1.5.2-1.el7 | fixed |
| libXfont2 | RHEL 7 | 0:2.0.1-2.el7 | fixed |
| libXfont2-devel | RHEL 7 | 0:2.0.1-2.el7 | fixed |
| libXi | RHEL 7 | 0:1.7.9-1.el7 | fixed |
| libXi-devel | RHEL 7 | 0:1.7.9-1.el7 | fixed |
| libXpm | RHEL 7 | 0:3.5.12-1.el7 | fixed |
| libXpm-devel | RHEL 7 | 0:3.5.12-1.el7 | fixed |
| libXrandr | RHEL 7 | 0:1.5.1-2.el7 | fixed |
| libXrandr-devel | RHEL 7 | 0:1.5.1-2.el7 | fixed |
| libXrender | RHEL 7 | 0:0.9.10-1.el7 | fixed |
| libXrender-devel | RHEL 7 | 0:0.9.10-1.el7 | fixed |
| libXt | RHEL 7 | 0:1.1.5-3.el7 | fixed |
| libXt-devel | RHEL 7 | 0:1.1.5-3.el7 | fixed |
| libXtst | RHEL 7 | 0:1.2.3-1.el7 | fixed |
| libXtst-devel | RHEL 7 | 0:1.2.3-1.el7 | fixed |
| libXv | RHEL 7 | 0:1.0.11-1.el7 | fixed |
| libXv-devel | RHEL 7 | 0:1.0.11-1.el7 | fixed |
| libXvMC | RHEL 7 | 0:1.0.10-1.el7 | fixed |
| libXvMC-devel | RHEL 7 | 0:1.0.10-1.el7 | fixed |
| libXxf86vm | RHEL 7 | 0:1.1.4-1.el7 | fixed |
| libXxf86vm-devel | RHEL 7 | 0:1.1.4-1.el7 | fixed |
| libdrm | RHEL 7 | 0:2.4.74-1.el7 | fixed |
| libdrm-devel | RHEL 7 | 0:2.4.74-1.el7 | fixed |
| libepoxy | RHEL 7 | 0:1.3.1-1.el7 | fixed |
| libepoxy-devel | RHEL 7 | 0:1.3.1-1.el7 | fixed |
| libevdev | RHEL 7 | 0:1.5.6-1.el7 | fixed |
| libevdev-devel | RHEL 7 | 0:1.5.6-1.el7 | fixed |
| libevdev-utils | RHEL 7 | 0:1.5.6-1.el7 | fixed |
| libfontenc | RHEL 7 | 0:1.1.3-3.el7 | fixed |
| libfontenc-devel | RHEL 7 | 0:1.1.3-3.el7 | fixed |
| libinput | RHEL 7 | 0:1.6.3-2.el7 | fixed |
| libinput-devel | RHEL 7 | 0:1.6.3-2.el7 | fixed |
| libvdpau | RHEL 7 | 0:1.1.1-3.el7 | fixed |
| libvdpau-devel | RHEL 7 | 0:1.1.1-3.el7 | fixed |
| libvdpau-docs | RHEL 7 | 0:1.1.1-3.el7 | fixed |
| libwacom | RHEL 7 | 0:0.24-1.el7 | fixed |
| libwacom-data | RHEL 7 | 0:0.24-1.el7 | fixed |
| libwacom-devel | RHEL 7 | 0:0.24-1.el7 | fixed |
| libxcb | RHEL 7 | 0:1.12-1.el7 | fixed |
| libxcb-devel | RHEL 7 | 0:1.12-1.el7 | fixed |
| libxcb-doc | RHEL 7 | 0:1.12-1.el7 | fixed |
| libxkbcommon | RHEL 7 | 0:0.7.1-1.el7 | fixed |
| libxkbcommon-devel | RHEL 7 | 0:0.7.1-1.el7 | fixed |
| libxkbcommon-x11 | RHEL 7 | 0:0.7.1-1.el7 | fixed |
| libxkbcommon-x11-devel | RHEL 7 | 0:0.7.1-1.el7 | fixed |
| libxkbfile | RHEL 7 | 0:1.0.9-3.el7 | fixed |
| libxkbfile-devel | RHEL 7 | 0:1.0.9-3.el7 | fixed |
| mesa-dri-drivers | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-filesystem | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libEGL | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libEGL-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libGL | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libGL-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libGLES | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libGLES-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libOSMesa | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libOSMesa-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libgbm | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libgbm-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libglapi | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libxatracker | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-libxatracker-devel | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| mesa-private-llvm | RHEL 7 | 0:3.9.1-3.el7 | fixed |
| mesa-private-llvm-devel | RHEL 7 | 0:3.9.1-3.el7 | fixed |
| mesa-vulkan-drivers | RHEL 7 | 0:17.0.1-6.20170307.el7 | fixed |
| vulkan | RHEL 7 | 0:1.0.39.1-2.el7 | fixed |
| vulkan-devel | RHEL 7 | 0:1.0.39.1-2.el7 | fixed |
| vulkan-filesystem | RHEL 7 | 0:1.0.39.1-2.el7 | fixed |
| xcb-proto | RHEL 7 | 0:1.12-2.el7 | fixed |
| xkeyboard-config | RHEL 7 | 0:2.20-1.el7 | fixed |
| xkeyboard-config-devel | RHEL 7 | 0:2.20-1.el7 | fixed |
| xorg-x11-proto-devel | RHEL 7 | 0:7.7-20.el7 | fixed |