CVE-2018-14599: libX11: Off-by-one error in XListExtensions in ListExt.c
Bug #1849198 reported by
Bruce Jones
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Robin Lu |
Bug Description
CVE-2018-14599
status : fixed
cvss2Score : 7.5
Attack Vector: N
Access Complexity : L
Autentication: N
Availability Impact :P
Affected packages:
['libX11', 'libX11-common']
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
https:/
CVE References
tags: | added: stx.security |
Changed in starlingx: | |
importance: | Undecided → High |
tags: | added: stx.3.0 |
Changed in starlingx: | |
status: | New → Triaged |
Changed in starlingx: | |
assignee: | nobody → Cindy Xie (xxie1) |
Changed in starlingx: | |
assignee: | Cindy Xie (xxie1) → Robin Lu (robinlu) |
information type: | Private Security → Public Security |
Changed in starlingx: | |
status: | Triaged → Fix Released |
tags: | added: in-r-stx20 |
To post a comment you must log in.
This CVE meets the fix criteria for StarlingX. Therefore, it needs to be fixed in master for stx.3.0 and then cherry-picked to r/stx.2.0.