CVE-2014-8096 in Ubuntu

CVE-2014-8096

Priority

Description

The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X
Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and
xorg-server) before 1.16.3 allows remote authenticated users to cause a
denial of service (out-of-bounds read or write) or possibly execute
arbitrary code via a crafted length or index value.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8096
http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/
https://usn.ubuntu.com/usn/usn-2436-1

Assigned-to

mdeslaur

Notes

Package

Source: xorg-server (LP Ubuntu Debian)

Upstream:	released (2:1.16.2.901-1)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [2:1.15.1-0ubuntu2.4])

Package

Source: xorg-server-lts-trusty (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):	DNE

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-12-05 18:38:29 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)