CVE-2017-13723

Опубликовано: 10 окт. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.6

CVSS3: 7.8

Описание

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.

Релиз	Статус	Примечание
devel	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/xenial	not-affected	code not present
precise/esm	DNE
trusty	not-affected	code not present
trusty/esm	DNE	trusty was not-affected [code not present]
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	not-affected	code not present
zesty	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	code not present
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	not-affected	code not present
zesty	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	2:1.19.4-1ubuntu2
esm-infra-legacy/trusty	released	2:1.15.1-0ubuntu2.10
esm-infra/xenial	released	2:1.18.4-0ubuntu0.6
precise/esm	DNE
trusty	released	2:1.15.1-0ubuntu2.10
trusty/esm	released	2:1.15.1-0ubuntu2.10
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	released	2:1.18.4-0ubuntu0.6
zesty	released	2:1.19.3-1ubuntu1.2

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	released	2:1.19.3-1ubuntu1~16.04.3
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	released	2:1.19.3-1ubuntu1~16.04.3
zesty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	DNE
zesty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	DNE
zesty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	DNE
zesty	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [2:1.18.3-1ubuntu2.3~trusty3]]
precise/esm	DNE
trusty	released	2:1.18.3-1ubuntu2.3~trusty3
trusty/esm	DNE	trusty was released [2:1.18.3-1ubuntu2.3~trusty3]
upstream	needs-triage
vivid/ubuntu-core	DNE
xenial	DNE
zesty	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 34%

0.00136

Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2017-13723

CVSS3: 4.7

redhat

больше 8 лет назад

CVE-2017-13723

CVSS3: 7.8

nvd

больше 8 лет назад

CVE-2017-13723

CVSS3: 7.8

debian

больше 8 лет назад

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local a ...

GHSA-w3w2-h9f5-hrg7

CVSS3: 7.8

github

больше 3 лет назад

SUSE-SU-2017:3025-1

suse-cvrf

около 8 лет назад

Security update for xorg-x11-server

EPSS

Процентиль: 34%

0.00136

Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

CVE-2017-13723

Описание

Пакет xorg

Пакет xorg-hwe-16.04

Пакет xorg-server

Пакет xorg-server-hwe-16.04

Пакет xorg-server-lts-utopic

Пакет xorg-server-lts-vivid

Пакет xorg-server-lts-wily

Пакет xorg-server-lts-xenial

Ссылки на источники

Связанные уязвимости