xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Weakness
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Debian_linux | Debian | 8.0 (including) | 8.0 (including) |
| Debian_linux | Debian | 9.0 (including) | 9.0 (including) |
| Xorg-server | Ubuntu | devel | * |
| Xorg-server | Ubuntu | esm-infra-legacy/trusty | * |
| Xorg-server | Ubuntu | esm-infra/xenial | * |
| Xorg-server | Ubuntu | trusty | * |
| Xorg-server | Ubuntu | trusty/esm | * |
| Xorg-server | Ubuntu | upstream | * |
| Xorg-server | Ubuntu | xenial | * |
| Xorg-server | Ubuntu | zesty | * |
| Xorg-server-hwe-16.04 | Ubuntu | esm-infra/xenial | * |
| Xorg-server-hwe-16.04 | Ubuntu | upstream | * |
| Xorg-server-hwe-16.04 | Ubuntu | xenial | * |
| Xorg-server-lts-utopic | Ubuntu | trusty | * |
| Xorg-server-lts-vivid | Ubuntu | trusty | * |
| Xorg-server-lts-wily | Ubuntu | trusty | * |
| Xorg-server-lts-xenial | Ubuntu | trusty | * |
| Xorg-server-lts-xenial | Ubuntu | upstream | * |
Potential Mitigations
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1509222
- https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
- https://security.gentoo.org/glsa/201711-05
- https://www.debian.org/security/2017/dsa-4000
- https://bugzilla.redhat.com/show_bug.cgi?id=1509222
- https://cgit.freedesktop.org/xorg/xserver/commit/?id=1b1d4c04695dced2463404174b50b3581dbd857b
- https://security.gentoo.org/glsa/201711-05
- https://www.debian.org/security/2017/dsa-4000