CVE-2013-7439
Published: 9 April 2015
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
Notes
Author | Note |
---|---|
mdeslaur | all build dependencies that use the MakeBigReq macro, or that use the SetReqLen macro need to be rebuilt |
Priority
Status
Package | Release | Status |
---|---|---|
libx11 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(2:1.4.99.1-0ubuntu2.3)
|
|
trusty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39547d600a13713e15429f49768e54c3173c828d |
||
libxrender Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(1:0.9.6-2ubuntu0.2)
|
|
trusty |
Released
(1:0.9.8-1build0.14.04.1)
|
|
upstream |
Needs triage
|
|
utopic |
Released
(1:0.9.8-1build0.14.10.1)
|