Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 596164

Summary: X.Org security advisory: Protocol handling issues in X Window System client libraries
Product: Gentoo Linux Reporter: Gleb <kirokko+gentoo>
Component: Current packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Gleb 2016-10-04 16:33:18 UTC
Affected libraries and CVE Ids

libX11 - insufficient validation of data from the X server
	 can cause out of boundary memory read (XGetImage())
	 or write (XListFonts()).
	 Affected versions libX11 <= 1.6.3

libXfixes - insufficient validation of data from the X server
	can cause an integer overflow on 32 bit architectures.
	Affected versions : libXfixes <= 5.0.2

libXi - insufficient validation of data from the X server
	can cause out of boundary memory access or
	endless loops (Denial of Service).
	Affected versions libXi <= 1.7.6

libXrandr - insufficient validation of data from the X server
	can cause out of boundary memory writes.
	Affected versions: libXrandr <= 1.5.0

libXrender - insufficient validation of data from the X server
	can cause out of boundary memory writes.
	Affected version: libXrender <= 0.9.9

XRecord - insufficient validation of data from the X server
        can cause out of boundary memory access or
	endless loops (Denial of Service).
	 Affected version libXtst <= 1.2.2

libXv - insufficient validation of data from the X server
        can cause out of boundary memory and memory corruption.
	CVE-2016-5407
	affected versions libXv <= 1.0.10

libXvMC - insufficient validation of data from the X server
	can cause a one byte buffer read underrun.
	Affected versions: libXvMC <= 1.0.9

Source: https://lists.freedesktop.org/archives/xorg/2016-October/058344.html
Comment 1 Coacher 2016-10-05 04:11:31 UTC

*** This bug has been marked as a duplicate of bug 596182 ***