Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

51 – 60 of 109 results


CVE-2017-12180

Medium priority
Fixed

xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-12179

Medium priority
Fixed

xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-12178

Medium priority
Fixed

xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-12177

Medium priority
Fixed

xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-12176

Medium priority
Fixed

xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-13723

Medium priority
Fixed

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or...

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-13721

Low priority
Fixed

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients...

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-10972

Medium priority

Some fixes available 5 of 6

Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-10971

Medium priority

Some fixes available 5 of 6

In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.

8 affected packages

xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg Not affected
xorg-hwe-16.04 Not affected
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 8 packages Show less packages

CVE-2017-2624

Negligible priority

Some fixes available 4 of 10

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp()...

10 affected packages

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xorg-server Fixed
xorg-server-hwe-16.04 Fixed
xorg-server-lts-quantal Not in release
xorg-server-lts-raring Not in release
xorg-server-lts-saucy Not in release
xorg-server-lts-trusty Not in release
xorg-server-lts-utopic Not in release
xorg-server-lts-vivid Not in release
xorg-server-lts-wily Not in release
xorg-server-lts-xenial Not in release
Show all 10 packages Show less packages