USN-3501-1: libxcursor vulnerability

29 November 2017

libxcursor could be made to crash or run programs if it opened a specially crafted file.

Releases

Packages

Details

It was discovered that libxcursor incorrectly handled certain files. An
attacker could use these issues to cause libxcursor to crash, resulting in
a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.10
Ubuntu 17.04
Ubuntu 16.04
Ubuntu 14.04

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

Related notices

  • USN-3622-1: libwayland-doc, libwayland-dev, wayland, libwayland-bin, libwayland-server0, libwayland-cursor0, libwayland-client0