CVE-2013-7439
Published: 9 April 2015
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
Notes
| Author | Note |
|---|---|
| mdeslaur | all build dependencies that use the MakeBigReq macro, or that use the SetReqLen macro need to be rebuilt |
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
libx11 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life)
|
| precise |
Released
(2:1.4.99.1-0ubuntu2.3)
|
|
| trusty |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
| utopic |
Not vulnerable
|
|
|
Patches: upstream: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=39547d600a13713e15429f49768e54c3173c828d |
||
|
libxrender Launchpad, Ubuntu, Debian |
lucid |
Ignored
(reached end-of-life)
|
| precise |
Released
(1:0.9.6-2ubuntu0.2)
|
|
| trusty |
Released
(1:0.9.8-1build0.14.04.1)
|
|
| upstream |
Needs triage
|
|
| utopic |
Released
(1:0.9.8-1build0.14.10.1)
|
|