diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7634d47f0f42..165554139593 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,77 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + X.org libraries -- multiple vulnabilities + + + libX11 + 1.6.4,1 + + + libXfixes + 5.0.2 + + + libXi + 1.7.7,1 + + + libXrandr + 1.5.1 + + + libXrender + 0.9.10 + + + libXtst + 1.2.3 + + + libXv + 1.0.11,1 + + + libXvMC + 1.0.10 + + + + +

Matthieu Herrb reports:

+
+

Tobias Stoeckmann from the OpenBSD project has discovered a + number of issues in the way various X client libraries handle + the responses they receive from servers, and has worked with + X.Org's security team to analyze, confirm, and fix these issues. + These issue come in addition to the ones discovered by Ilja van + Sprundel in 2013.

+ +

Most of these issues stem from the client libraries trusting + the server to send correct protocol data, and not verifying + that the values will not overflow or cause other damage. Most + of the time X clients and servers are run by the same user, with + the server more privileged than the clients, so this is not a + problem, but there are scenarios in which a privileged client + can be connected to an unprivileged server, for instance, + connecting a setuid X client (such as a screen lock program) + to a virtual X server (such as Xvfb or Xephyr) which the user + has modified to return invalid data, potentially allowing the + user to escalate their privileges.

+
+ +
+ + https://lists.x.org/archives/xorg-announce/2016-October/002720.html + CVE-2016-5407 + + + 2016-10-04 + 2016-10-07 + +
+ BIND -- Remote Denial of Service vulnerability
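Review bot: the new entry's title line reads "X.org libraries -- multiple vulnabilities"; it should be "multiple vulnerabilities", since the title is what shows up in `pkg audit` output and on the VuXML site. Two further points on the same entry: it covers eight affected packages (libX11, libXfixes, libXi, libXrandr, libXrender, libXtst, libXv, libXvMC) but lists only a single CVE identifier (CVE-2016-5407) under the xorg-announce reference, so please confirm against that announcement whether additional CVE identifiers apply and add them; and the note at the top of the file reminds committers not to forget port variants, so check whether any other ports shipping these libraries need to be listed in the affected-packages block as well.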