Your submission was sent successfully! Close

CVE-2013-1997

Published: 23 May 2013

Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.

Priority

Medium

Status

Package Release Status
libx11
Launchpad, Ubuntu, Debian
lucid
Released (2:1.3.2-1ubuntu3.1)
precise
Released (2:1.4.99.1-0ubuntu2.1)
quantal
Released (2:1.5.0-1ubuntu0.1)
raring
Released (2:1.5.0-1ubuntu1.1)
upstream Pending
(1.5.99.902)
Patches:
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=cddc4e7e3cb4b9b7ad25f8591971a86901c249f2 (1/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=f293659d5a4024bda386305bb7ebeb4647c40934 (2/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=bff938b9fe1629cbacb726509edfa2a3840b7207 (3/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=59ae16a00d18588e98af57d26e442af8ea42b7aa (4/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=fd7d4956bc7a1c4b5c38661b12777ebee4d685d9 (5/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=00626c3830b869259098985afa38933d77ccec72 (6/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=06c086e8a1d8374ea9a95ff989f053c96bb1bdca (7/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e56a2ada719c5cfac5ed61a52a80ade86c0f5957 (8/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=4d7c422a37eb9617fb22f8e37527c2b34b105665 (9/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=2df882eeb3a70256170127a746a9ba26376599a1 (10/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=de2e6c322c4aca22856b380f67f8e488e7510015 (11/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=b9ba832401734e1cbd30a930c0d11d850293f3f9 (12/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=0c404db6a92dc2c198328bf586c02d8abbe02013 (13/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8d5936594993921acdfec778dd8f41b555e2543a (14/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=db1b1c871da29aa0545182bf888df81627f165a5 (15/15)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e1b457beb8d4e831ef44279dada6c475cb955738 (related)
upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=a3bdd2b090915fe0163b062f0e6576fe05dd332e (related)