Search CVE reports
31 – 40 of 51 results
CVE-2020-14346
Medium priorityA flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to...
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | Not affected | Not affected | Not affected |
xorg-hwe-16.04 | — | — | Not in release | Not in release | Not affected |
xorg-server | — | — | Fixed | Fixed | Fixed |
xorg-server-hwe-16.04 | — | — | Not in release | Not in release | Fixed |
xorg-server-hwe-18.04 | — | — | Not in release | Fixed | Not in release |
xorg-server-lts-utopic | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-vivid | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-wily | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-xenial | — | — | Not in release | Not in release | Not in release |
CVE-2020-14347
Low priorityA flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass....
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | Not affected | Not affected | Not affected |
xorg-hwe-16.04 | — | — | Not in release | Not in release | Not affected |
xorg-server | — | — | Fixed | Fixed | Fixed |
xorg-server-hwe-16.04 | — | — | Not in release | Not in release | Fixed |
xorg-server-hwe-18.04 | — | — | Not in release | Fixed | Not in release |
xorg-server-lts-utopic | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-vivid | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-wily | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-xenial | — | — | Not in release | Not in release | Not in release |
CVE-2019-17624
Low priority"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly...
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | Not affected | Not affected | Not affected |
xorg-hwe-16.04 | — | — | Not in release | Not in release | Not affected |
xorg-server | — | — | Not affected | Not affected | Not affected |
xorg-server-hwe-16.04 | — | — | Not in release | Not in release | Not affected |
xorg-server-hwe-18.04 | — | — | Not in release | Not affected | Not in release |
xorg-server-lts-utopic | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-vivid | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-wily | — | — | Not in release | Not in release | Not in release |
xorg-server-lts-xenial | — | — | Not in release | Not in release | Not in release |
CVE-2018-14665
Medium priorityA flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical...
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | Not affected | Not affected |
xorg-hwe-16.04 | — | — | — | Not in release | Not affected |
xorg-server | — | — | — | Fixed | Not affected |
xorg-server-hwe-16.04 | — | — | — | Not in release | Fixed |
xorg-server-lts-utopic | — | — | — | Not in release | Not in release |
xorg-server-lts-vivid | — | — | — | Not in release | Not in release |
xorg-server-lts-wily | — | — | — | Not in release | Not in release |
xorg-server-lts-xenial | — | — | — | Not in release | Not in release |
CVE-2017-12187
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2017-12186
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2017-12185
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2017-12184
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2017-12183
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2017-12182
Medium priorityxorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xorg | — | — | — | — | Not affected |
xorg-hwe-16.04 | — | — | — | — | Not affected |
xorg-server | — | — | — | — | Fixed |
xorg-server-hwe-16.04 | — | — | — | — | Fixed |
xorg-server-lts-utopic | — | — | — | — | Not in release |
xorg-server-lts-vivid | — | — | — | — | Not in release |
xorg-server-lts-wily | — | — | — | — | Not in release |
xorg-server-lts-xenial | — | — | — | — | Not in release |