CVE-2010-4818

Priority
Medium
Description
The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users
to cause a denial of service (server crash) and possibly execute arbitrary
code via (1) a crafted request that triggers a client swap in
glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the
screen field in a request to glx/glxcmds.c.
References
Bugs
Notes
 mdeslaur> A regression caused the fix to be removed from lucid. See
 mdeslaur> USN-1232-2.
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Patches:
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=62319e8381ebd645ae36b25e5fc3c0e9b098387b
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=d9225b9602c85603ae616a7381c784f5cf5e811c
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=a883cf1545abd89bb2cadfa659718884b56fd234 (regression fix)
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=1137c11be0f82049d28024eaf963c6f76e0d4334 (regression fix)
Upstream:http://cgit.freedesktop.org/xorg/xserver/commit/?id=402b329c3aa8ddbebaa1f593306a02d4cd6fed26 (regression fix)
More Information

Updated: 2017-12-14 19:51:06 UTC (commit 13907)