ALT-PU-2018-2632-1
Closed vulnerabilities
Published: 2016-12-13
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-7944
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
- 93361
- 93361
- 1036945
- 1036945
- https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e
- https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e
- FEDORA-2016-ff5a2f4839
- FEDORA-2016-ff5a2f4839
- FEDORA-2016-72d7f05b90
- FEDORA-2016-72d7f05b90
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
- GLSA-201704-03
- GLSA-201704-03