CVE-2017-16612

Priority
Medium
Description
libXcursor before 1.1.15 has various integer overflows that could lead to
heap buffer overflows when processing malicious cursors, e.g., with
programs like GIMP.
References
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1:1.1.14-1ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:1.1.14-1ubuntu0.16.04.1)
Ubuntu 17.04 (Zesty Zapus):released (1:1.1.14-1ubuntu0.17.04.1)
Ubuntu 17.10 (Artful Aardvark):released (1:1.1.14-3ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:1.1.14-3ubuntu1)
Patches:
Upstream:https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8
More Information

Updated: 2017-12-15 20:35:44 UTC (commit 13913)