Candidate: CVE-2016-7947 PublicDate: 2016-12-13 20:59:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947 http://www.openwall.com/lists/oss-security/2016/10/04/4 https://lists.x.org/archives/xorg-announce/2016-October/002720.html Description: Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response. Ubuntu-Description: Notes: mdeslaur> https://wiki.ubuntu.com/1204_HWE_EOL Bugs: Priority: low Discovered-by: Tobias Stoeckmann Assigned-to: CVSS: nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] Patches_libxrandr: upstream: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6 upstream_libxrandr: released (1.5.1) precise_libxrandr: ignored (reached end-of-life) precise/esm_libxrandr: DNE (precise was needed) trusty_libxrandr: ignored (reached end-of-life) trusty/esm_libxrandr: DNE (trusty was needed) vivid/ubuntu-core_libxrandr: DNE vivid/stable-phone-overlay_libxrandr: ignored (reached end-of-life) xenial_libxrandr: ignored (end of standard support, was needed) esm-infra/xenial_libxrandr: needed yakkety_libxrandr: ignored (reached end-of-life) zesty_libxrandr: ignored (reached end-of-life) artful_libxrandr: ignored (reached end-of-life) bionic_libxrandr: released (2:1.5.1-1) cosmic_libxrandr: released (2:1.5.1-1) disco_libxrandr: released (2:1.5.1-1) eoan_libxrandr: released (2:1.5.1-1) focal_libxrandr: released (2:1.5.1-1) groovy_libxrandr: released (2:1.5.1-1) hirsute_libxrandr: released (2:1.5.1-1) impish_libxrandr: released (2:1.5.1-1) jammy_libxrandr: released (2:1.5.1-1) devel_libxrandr: released (2:1.5.1-1) Patches_libxrandr-lts-quantal: upstream_libxrandr-lts-quantal: needs-triage precise_libxrandr-lts-quantal: ignored (reached end-of-life) precise/esm_libxrandr-lts-quantal: DNE (precise was ignored [reached end-of-life]) trusty_libxrandr-lts-quantal: DNE trusty/esm_libxrandr-lts-quantal: DNE vivid/ubuntu-core_libxrandr-lts-quantal: DNE vivid/stable-phone-overlay_libxrandr-lts-quantal: DNE xenial_libxrandr-lts-quantal: DNE yakkety_libxrandr-lts-quantal: DNE zesty_libxrandr-lts-quantal: DNE artful_libxrandr-lts-quantal: DNE bionic_libxrandr-lts-quantal: DNE cosmic_libxrandr-lts-quantal: DNE disco_libxrandr-lts-quantal: DNE eoan_libxrandr-lts-quantal: DNE focal_libxrandr-lts-quantal: DNE groovy_libxrandr-lts-quantal: DNE hirsute_libxrandr-lts-quantal: DNE impish_libxrandr-lts-quantal: DNE jammy_libxrandr-lts-quantal: DNE devel_libxrandr-lts-quantal: DNE Patches_libxrandr-lts-raring: upstream_libxrandr-lts-raring: needs-triage precise_libxrandr-lts-raring: ignored (reached end-of-life) precise/esm_libxrandr-lts-raring: DNE (precise was ignored [reached end-of-life]) trusty_libxrandr-lts-raring: DNE trusty/esm_libxrandr-lts-raring: DNE vivid/ubuntu-core_libxrandr-lts-raring: DNE vivid/stable-phone-overlay_libxrandr-lts-raring: DNE xenial_libxrandr-lts-raring: DNE yakkety_libxrandr-lts-raring: DNE zesty_libxrandr-lts-raring: DNE artful_libxrandr-lts-raring: DNE bionic_libxrandr-lts-raring: DNE cosmic_libxrandr-lts-raring: DNE disco_libxrandr-lts-raring: DNE eoan_libxrandr-lts-raring: DNE focal_libxrandr-lts-raring: DNE groovy_libxrandr-lts-raring: DNE hirsute_libxrandr-lts-raring: DNE impish_libxrandr-lts-raring: DNE jammy_libxrandr-lts-raring: DNE devel_libxrandr-lts-raring: DNE Patches_libxrandr-lts-saucy: upstream_libxrandr-lts-saucy: needs-triage precise_libxrandr-lts-saucy: ignored (reached end-of-life) precise/esm_libxrandr-lts-saucy: DNE (precise was ignored [reached end-of-life]) trusty_libxrandr-lts-saucy: DNE trusty/esm_libxrandr-lts-saucy: DNE vivid/ubuntu-core_libxrandr-lts-saucy: DNE vivid/stable-phone-overlay_libxrandr-lts-saucy: DNE xenial_libxrandr-lts-saucy: DNE yakkety_libxrandr-lts-saucy: DNE zesty_libxrandr-lts-saucy: DNE artful_libxrandr-lts-saucy: DNE bionic_libxrandr-lts-saucy: DNE cosmic_libxrandr-lts-saucy: DNE disco_libxrandr-lts-saucy: DNE eoan_libxrandr-lts-saucy: DNE focal_libxrandr-lts-saucy: DNE groovy_libxrandr-lts-saucy: DNE hirsute_libxrandr-lts-saucy: DNE impish_libxrandr-lts-saucy: DNE jammy_libxrandr-lts-saucy: DNE devel_libxrandr-lts-saucy: DNE Patches_libxrandr-lts-trusty: upstream_libxrandr-lts-trusty: needs-triage precise_libxrandr-lts-trusty: ignored (reached end-of-life) precise/esm_libxrandr-lts-trusty: DNE (precise was needed) trusty_libxrandr-lts-trusty: DNE trusty/esm_libxrandr-lts-trusty: DNE vivid/ubuntu-core_libxrandr-lts-trusty: DNE vivid/stable-phone-overlay_libxrandr-lts-trusty: DNE xenial_libxrandr-lts-trusty: DNE yakkety_libxrandr-lts-trusty: DNE zesty_libxrandr-lts-trusty: DNE artful_libxrandr-lts-trusty: DNE bionic_libxrandr-lts-trusty: DNE cosmic_libxrandr-lts-trusty: DNE disco_libxrandr-lts-trusty: DNE eoan_libxrandr-lts-trusty: DNE focal_libxrandr-lts-trusty: DNE groovy_libxrandr-lts-trusty: DNE hirsute_libxrandr-lts-trusty: DNE impish_libxrandr-lts-trusty: DNE jammy_libxrandr-lts-trusty: DNE devel_libxrandr-lts-trusty: DNE