Your submission was sent successfully! Close

CVE-2016-7946

Published: 13 December 2016

X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.

Notes

AuthorNote
sbeattie
same commit as CVE-2016-7945
mdeslaur
possible regression: https://bugs.freedesktop.org/show_bug.cgi?id=98204
Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libxi
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(2:1.7.8-1)
cosmic Not vulnerable
(2:1.7.8-1)
disco Not vulnerable
(2:1.7.8-1)
eoan Not vulnerable
(2:1.7.8-1)
focal Not vulnerable
(2:1.7.8-1)
groovy Not vulnerable
(2:1.7.8-1)
hirsute Not vulnerable
(2:1.7.8-1)
impish Not vulnerable
(2:1.7.8-1)
jammy Not vulnerable
(2:1.7.8-1)
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was needed)
upstream
Released (1.7.7)
xenial Needed

yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
Patches:
upstream: https://cgit.freedesktop.org/xorg/lib/libXi/commit/?id=19a9cd607de73947fcfb104682f203ffe4e1f4e5