CVE-2016-7945

Published: 13 December 2016

Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libxi
Launchpad, Ubuntu, Debian
Upstream
Released (1.7.7)
Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(2:1.7.8-1)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(2:1.7.8-1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2:1.7.8-1)
Ubuntu 16.04 LTS (Xenial Xerus) Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)
Patches:
Upstream: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5