oss-sec mailing list archives
Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
From: cve-assign () mitre org
Date: Tue, 4 Oct 2016 12:45:44 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
libX11 - insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts()). Affected versions libX11 <= 1.6.3
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17 Validation of server responses in XGetImage()
Use CVE-2016-7942.
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9 The validation of server responses avoids out of boundary accesses.
Use CVE-2016-7943.
libXfixes - insufficient validation of data from the X server can cause an integer overflow on 32 bit architectures. Affected versions : libXfixes <= 5.0.2 https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e Integer overflow on illegal server response
Use CVE-2016-7944.
libXi - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected versions libXi <= 1.7.6 https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5 Properly validate server responses.
Use CVE-2016-7945 for all of the integer overflows Use CVE-2016-7946 for all of the other mishandling of the reply data.
libXrandr - insufficient validation of data from the X server can cause out of boundary memory writes. Affected versions: libXrandr <= 1.5.0 https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6 Avoid out of boundary accesses on illegal responses
Use CVE-2016-7947 for all of the integer overflows Use CVE-2016-7948 for all of the other mishandling of the reply data.
libXrender - insufficient validation of data from the X server can cause out of boundary memory writes. Affected version: libXrender <= 0.9.9
https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4 Validate lengths while parsing server data.
Use CVE-2016-7949.
https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=8fad00b0b647ee662ce4737ca15be033b7a21714 Avoid OOB write in XRenderQueryFilters
Use CVE-2016-7950.
XRecord - insufficient validation of data from the X server can cause out of boundary memory access or endless loops (Denial of Service). Affected version libXtst <= 1.2.2 https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3 Out of boundary access and endless loop in libXtst
Use CVE-2016-7951 for all of the integer overflows Use CVE-2016-7952 for all of the other mishandling of the reply data.
libXv - insufficient validation of data from the X server can cause out of boundary memory and memory corruption. CVE-2016-5407 affected versions libXv <= 1.0.10 https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17 Protocol handling issues in libXv
(aka 87b3c94) People may want to look at https://access.redhat.com/security/cve/cve-2016-5407 in the coming days for additional information.
libXvMC - insufficient validation of data from the X server can cause a one byte buffer read underrun. Affected versions: libXvMC <= 1.0.9 https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb Avoid buffer underflow on empty strings.
Use CVE-2016-7953. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJX89wWAAoJEHb/MwWLVhi2B1oQAIpH3CzWwMQ3IAuGhWgV5YvZ LSmNkx+lXjT2yFHpkOxie4JgX0udC/KbK+SnTKZNS3pP3Bkq0A6M1nw3o1bOFyeL qTAIncyXiyWEIhWsU/1VXExdlWY3ZakxEZiKxkHZqAgr96+p0+3w8I1URpDmE4Dz G552K/E3OOrxFBgd5tj724HXYkyrXaWbpxAvYGMt971OHplv5fVKCZnakDL11DVR 4yFGJmFTVsN28X2qgOJif5K6m8BlP3X6y3349FygbfdwWrEUVGWI+X5izL5G11Bf vxJ24ibfi3f9f5ktT2m561k4ftR/nMIyFJiRv+3L2MGIsPFIgjvp5SyHsvEZKh4Y GTLGggTQJ1dMrKEdrTGXizyewRVga07+8h9XtPgPpHoqNk3hjnkC0LHiA7lHh+HR YCyID6lAR1BGnfvEW5tkf9dQszk0Xoi+rbF/x5fDxOhCYA/8ywJmd3O6QUefLaHG 1BLJCoH/+7FUg9MMKKGDBrova0m1mwcDHncbSNz0aA7Scti06WX1xLZP3w2VT079 eD1Q7JQ8A8xeEVqCrRLyI0B+Y3RcSIoZUMLjwVjN+9ao29JmAykAH6kyoT0zfB+u F8tVW0BRQudxuhTEtLPnK2EfBb+gG5asMPLSNZixYDe+hHh5jM1VMzv6GE90mlqA mQ0YAv9uozEzoV/R5ADg =Lv54 -----END PGP SIGNATURE-----
Current thread:
- X.Org security advisory: Protocol handling issues in X Window System client libraries Matthieu Herrb (Oct 04)
- Re: X.Org security advisory: Protocol handling issues in X Window System client libraries Marcus Meissner (Oct 04)
- Re: X.Org security advisory: Protocol handling issues in X Window System client libraries cve-assign (Oct 04)
- Re: X.Org security advisory: Protocol handling issues in X Window System client libraries Marcus Meissner (Oct 04)