CVE-2017-16612
Published: 28 November 2017
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.
Priority
Status
Package | Release | Status |
---|---|---|
libxcursor Launchpad, Ubuntu, Debian |
artful |
Released
(1:1.1.14-3ubuntu0.1)
|
trusty |
Released
(1:1.1.14-1ubuntu0.14.04.1)
|
|
upstream |
Needs triage
|
|
xenial |
Released
(1:1.1.14-1ubuntu0.16.04.1)
|
|
zesty |
Released
(1:1.1.14-1ubuntu0.17.04.1)
|
|
Patches: upstream: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 |
||
wayland Launchpad, Ubuntu, Debian |
artful |
Released
(1.14.0-1ubuntu0.1)
|
trusty |
Released
(1.4.0-1ubuntu1.1)
|
|
upstream |
Needs triage
|
|
xenial |
Released
(1.12.0-1~ubuntu16.04.3)
|
|
zesty |
Ignored
(end of life, was needed)
|
|
Patches: upstream: https://cgit.freedesktop.org/wayland/wayland/commit/?id=5d201df72f3d4f4cb8b8f75f980169b03507da38 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16612
- http://www.openwall.com/lists/oss-security/2017/11/28/6
- https://marc.info/?l=freedesktop-xorg-announce&m=151188036018262&w=2
- https://ubuntu.com/security/notices/USN-3501-1
- https://ubuntu.com/security/notices/USN-3622-1
- NVD
- Launchpad
- Debian