Your submission was sent successfully! Close

CVE-2017-13721

Published: 9 October 2017

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

Priority

Low

CVSS 3 base score: 4.7

Status

Package Release Status
xorg
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was not-affected [code not present])
upstream Needs triage

xenial Not vulnerable
(code not present)
zesty Not vulnerable
(code not present)
xorg-hwe-16.04
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(code not present)
zesty Does not exist

xorg-server
Launchpad, Ubuntu, Debian
precise Does not exist

trusty
Released (2:1.15.1-0ubuntu2.10)
upstream Needs triage

xenial
Released (2:1.18.4-0ubuntu0.6)
zesty
Released (2:1.19.3-1ubuntu1.2)
xorg-server-hwe-16.04
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial
Released (2:1.19.3-1ubuntu1~16.04.3)
zesty Does not exist

xorg-server-lts-utopic
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

zesty Does not exist

xorg-server-lts-vivid
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

zesty Does not exist

xorg-server-lts-wily
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored [reached end-of-life])
upstream Needs triage

xenial Does not exist

zesty Does not exist

xorg-server-lts-xenial
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [2:1.18.3-1ubuntu2.3~trusty3])
upstream Needs triage

xenial Does not exist

zesty Does not exist