Описание
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14600
- https://access.redhat.com/errata/RHSA-2019:2079
- https://bugzilla.suse.com/show_bug.cgi?id=1102068
- https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
- https://lists.debian.org/debian-lts-announce/2018/08/msg00030.html
- https://lists.x.org/archives/xorg-announce/2018-August/002916.html
- https://security.gentoo.org/glsa/201811-01
- https://usn.ubuntu.com/3758-1
- https://usn.ubuntu.com/3758-2
- http://www.openwall.com/lists/oss-security/2018/08/21/6
- http://www.securityfocus.com/bid/105177
- http://www.securitytracker.com/id/1041543
Связанные уязвимости
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
An issue was discovered in libX11 through 1.6.5. The function XListExt ...
Уязвимость функциях XListExtensions библиотеки предоставления клиентского API для X Window System libX11, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код