CVE-2013-6424

Priority
Description
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org
allows context-dependent attackers to cause a denial of service (crash) via
a negative bottom value.
Assigned-to
mdeslaur
Notes
mdeslaurxorg server is actually the xorg-server package
the xorg package only contains docs
jdstrandpatch is straightforward but not yet accepted upstream. Open
upstream questions as of 2013/12/18
package for Ubuntu 13.10 is available in saucy-proposed
downgrading to low since pixman is already fixed, based on bug
feedback
Package
Source: xorg (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [code not present])
Package
Upstream:needed
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [2:1.14.3-3ubuntu3])
Patches:
Other:http://patchwork.freedesktop.org/patch/14769/
Vendor:http://www.debian.org/security/2013/dsa-2822
More Information

Updated: 2019-12-05 21:06:22 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)