PublicDateAtUSN: 2013-05-23 15:00:00 UTC Candidate: CVE-2013-1981 CRD: 2013-05-23 15:00:00 UTC PublicDate: 2013-06-15 19:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 http://www.debian.org/security/2013/dsa-2693 https://ubuntu.com/security/notices/USN-1854-1 Description: Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. Ubuntu-Description: Notes: Bugs: Priority: medium Discovered-by: Ilja van Sprundel Assigned-to: mdeslaur CVSS: Patches_libx11: upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=d7f04c340ade3834e603c23d543132e1ee4e0c63 upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=9f5d83706543696fc944c1835a403938c06f2cc5 upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=6df8a63d34b7514077188e2062a13774f920c085 (1/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=5669a220816b7d58fcaf0c302ead16fbe5c87817 (2/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39515b7c3ba8cae9021bf6695e378ae19487082f (3/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=1f6a3dbf699b85c0ea715ef21de7e7095a714e12 (4/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=2cd62b5eb99ffbb2fce99f3c459455e630b35bf7 (5/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=90fd5abac2faca86f9f100353a3c9c7b89f31484 (6/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=076428918e6c35f66b9b55c3fa097ff06496d155 (7/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=460e8a223b87d4fa0ea1e97823e998a770e0f2a2 (8/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=164bf4dfe839b1cc75cdeee378a243d04a8200e4 (9/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=79d8dc08eb98842173ce239b9dd60df0e9e9ae72 (10/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=833f6b70bc789d33607f6dbfee9e0a4178ec4b59 (11/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=a351b8103b2ba78882e1c309e85893ca3abe2073 (12/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=0b0f5d4358c3de7563d6af03f0d2ce454702a06a (13/13) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=192bbb9e2fc45df4e17b35b6d14ea0eb418dbd39 (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=b2c86b582c58f50c7b14da01cf7ebd20ef12a6b2 (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=d38527e25f8b6e2f1174ecc21260c5c5416f972e (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=12ad4c6432496897ff000eb7cfecd0fb4b290331 (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=3fe4bea086149f06a142a8f1d575f627ec1e22c7 (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=3131740513133a9ff7cb12123d29ceb18584fc38 (related) upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=2820100bf8ba130b94253f415e7fa5ac28bb2037 (related) upstream_libx11: pending (1.5.99.902) lucid_libx11: released (2:1.3.2-1ubuntu3.1) precise_libx11: released (2:1.4.99.1-0ubuntu2.1) quantal_libx11: released (2:1.5.0-1ubuntu0.1) raring_libx11: released (2:1.5.0-1ubuntu1.1) devel_libx11: released (2:1.5.0-1ubuntu2)