CVE-2014-8098

Source
https://nvd.nist.gov/vuln/detail/CVE-2014-8098
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-8098.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2014-8098
Related
Published
2014-12-10T15:59:10Z
Modified
2024-09-18T01:00:21Z
Summary
[none]
Details

The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) _glXDispRender, (2) _glXDispRenderLarge, (3) _glXDispSwapVendorPrivate, (4) _glXDispSwapVendorPrivateWithReply, (5) setclientinfo, (6) _glXDispSwapSetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) _glXDispSwapRenderMode, (11) _glXDispGetCompressedTexImage, (12) _glXDispSwapGetCompressedTexImage, (13) _glXDispFeedbackBuffer, (14) _glXDispSwapFeedbackBuffer, (15) _glXDispSelectBuffer, (16) _glXDispSwapSelectBuffer, (17) _glXDispFlush, (18) _glXDispSwapFlush, (19) _glXDispFinish, (20) _glXDispSwapFinish, (21) _glXDispReadPixels, (22) _glXDispSwapReadPixels, (23) _glXDispGetTexImage, (24) _glXDispSwapGetTexImage, (25) _glXDispGetPolygonStipple, (26) _glXDispSwapGetPolygonStipple, (27) _glXDispGetSeparableFilter, (28) _glXDispGetSeparableFilterEXT, (29) _glXDispGetConvolutionFilter, (30) _glXDispGetConvolutionFilterEXT, (31) _glXDispGetHistogram, (32) _glXDispGetHistogramEXT, (33) _glXDispGetMinmax, (34) _glXDispGetMinmaxEXT, (35) _glXDispGetColorTable, (36) _glXDispGetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.

References

Affected packages

Debian:11 / xorg-server

Package

Name
xorg-server
Purl
pkg:deb/debian/xorg-server?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.16.2.901-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / xorg-server

Package

Name
xorg-server
Purl
pkg:deb/debian/xorg-server?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.16.2.901-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / xorg-server

Package

Name
xorg-server
Purl
pkg:deb/debian/xorg-server?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.16.2.901-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}