Launchpad.net

CVE 2017-16612

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.

Related bugs and status

CVE-2017-16612 (Candidate) is related to these bugs:

Bug #1753776: Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)

		In	Importance	Status
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	mesa (Ubuntu)	High	Fix Released
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	gdm3 (Ubuntu)	Medium	Invalid
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	wayland (Ubuntu)	Medium	Invalid
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	gdm3 (Ubuntu Bionic)	Medium	Invalid
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	mesa (Ubuntu Bionic)	High	Fix Released
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	wayland (Ubuntu Bionic)	Medium	Invalid
1753776	Graphics corruption just before login animation to Xorg sessions (Intel gen9 GPUs only)	Mesa	Medium	Unknown

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-16612

Related bugs and status

Related bugs

References