Your submission was sent successfully! Close

CVE-2017-10971

Published: 6 July 2017

In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
xorg
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist
(trusty was not-affected [code not present])
upstream Needs triage

xenial Not vulnerable
(code not present)
yakkety Not vulnerable
(code not present)
zesty Not vulnerable
(code not present)
xorg-hwe-16.04
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(code not present)
yakkety Does not exist

zesty Does not exist

xorg-server
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty
Released (2:1.15.1-0ubuntu2.9)
upstream Needs triage

xenial
Released (2:1.18.4-0ubuntu0.3)
yakkety Ignored
(reached end-of-life)
zesty
Released (2:1.19.3-1ubuntu1.1)
xorg-server-hwe-16.04
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist

upstream Needs triage

xenial
Released (2:1.18.4-1ubuntu6.1~16.04.2)
yakkety Does not exist

zesty Does not exist

xorg-server-lts-utopic
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

xorg-server-lts-vivid
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

xorg-server-lts-wily
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

xorg-server-lts-xenial
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty Does not exist
(trusty was released [2:1.18.3-1ubuntu2.3~trusty2])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading