ALT-PU-2016-2373-1
Closed vulnerabilities
Published: 2016-12-13
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-7942
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- 93363
- 93363
- 1036945
- 1036945
- https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
- https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
- FEDORA-2016-0df69ab477
- FEDORA-2016-0df69ab477
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- GLSA-201704-03
- GLSA-201704-03
- USN-3758-1
- USN-3758-1
- USN-3758-2
- USN-3758-2
Published: 2016-12-13
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-7943
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- 93362
- 93362
- 1036945
- 1036945
- https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9
- https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9
- FEDORA-2016-0df69ab477
- FEDORA-2016-0df69ab477
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- GLSA-201704-03
- GLSA-201704-03
- USN-3758-1
- USN-3758-1
- USN-3758-2
- USN-3758-2