Your submission was sent successfully! Close

CVE-2016-7944

Published: 13 December 2016

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
libxfixes
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic
Released (1:5.0.3-1)
cosmic
Released (1:5.0.3-1)
disco
Released (1:5.0.3-1)
eoan
Released (1:5.0.3-1)
focal
Released (1:5.0.3-1)
groovy
Released (1:5.0.3-1)
hirsute
Released (1:5.0.3-1)
impish
Released (1:5.0.3-1)
jammy
Released (1:5.0.3-1)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was needed)
upstream
Released (1:5.0.1-2+deb8u1, 5.0.3)
xenial
Released (1:5.0.1-2ubuntu0.1~esm1)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)