CVE-2013-1998
Published: 23 May 2013
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
Priority
Status
Package | Release | Status |
---|---|---|
libxi Launchpad, Ubuntu, Debian |
upstream |
Pending
(1.7.2)
|
lucid |
Released
(2:1.3-3ubuntu0.2)
|
|
precise |
Released
(2:1.6.0-0ubuntu2.1)
|
|
quantal |
Released
(2:1.6.1-1ubuntu0.1)
|
|
raring |
Released
(2:1.6.99.1-0ubuntu3.1)
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=f3e08e4fbe40016484ba795feecf1a742170ffc1 (1/3) upstream: http://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=91434737f592e8f5cc1762383882a582b55fc03a (2/3) upstream: http://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=5398ac0797f7516f2c9b8f2869a6c6d071437352 (3/3) |