ALT-PU-2018-1821-1
Closed vulnerabilities
Published: 2016-12-13
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-5407
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- 93368
- 93368
- 1036945
- 1036945
- https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17
- https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17
- FEDORA-2016-f71cc44cf8
- FEDORA-2016-f71cc44cf8
- FEDORA-2016-5aa206bd16
- FEDORA-2016-5aa206bd16
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- GLSA-201704-03
- GLSA-201704-03