CVE-2013-1990
Published: 23 May 2013
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.
Notes
Author | Note |
---|---|
mdeslaur | watch for regression fixed in dsa-2675-2 |
Priority
Status
Package | Release | Status |
---|---|---|
libxvmc Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(2:1.0.6-1ubuntu2.1)
|
|
quantal |
Released
(2:1.0.7-1ubuntu1.12.10.1)
|
|
raring |
Released
(2:1.0.7-1ubuntu1.13.04.1)
|
|
upstream |
Pending
(1.0.8)
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=cf1a1dc1b9ca34a29d0471da9389f8eae70ddbd9 upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2712383813b26475dc6713888414d842be57f8ca (1/2) upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=478d4e5873eeee2ebdce6673e4e3469816ab63b8 (2/2) upstream: http://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=5fd871e5f878810f8f8837725d548e07e89577ab (related?) |