CVE-2014-8098
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2014-8098
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-8098.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2014-8098
- Related
- Published
- 2014-12-10T15:59:10Z
- Modified
- 2024-09-18T01:00:21Z
- Summary
- [none]
- Details
-
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) _glXDispRender, (2) _glXDispRenderLarge, (3) _glXDispSwapVendorPrivate, (4) _glXDispSwapVendorPrivateWithReply, (5) setclientinfo, (6) _glXDispSwapSetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) _glXDispSwapRenderMode, (11) _glXDispGetCompressedTexImage, (12) _glXDispSwapGetCompressedTexImage, (13) _glXDispFeedbackBuffer, (14) _glXDispSwapFeedbackBuffer, (15) _glXDispSelectBuffer, (16) _glXDispSwapSelectBuffer, (17) _glXDispFlush, (18) _glXDispSwapFlush, (19) _glXDispFinish, (20) _glXDispSwapFinish, (21) _glXDispReadPixels, (22) _glXDispSwapReadPixels, (23) _glXDispGetTexImage, (24) _glXDispSwapGetTexImage, (25) _glXDispGetPolygonStipple, (26) _glXDispSwapGetPolygonStipple, (27) _glXDispGetSeparableFilter, (28) _glXDispGetSeparableFilterEXT, (29) _glXDispGetConvolutionFilter, (30) _glXDispGetConvolutionFilterEXT, (31) _glXDispGetHistogram, (32) _glXDispGetHistogramEXT, (33) _glXDispGetMinmax, (34) _glXDispGetMinmaxEXT, (35) _glXDispGetColorTable, (36) _glXDispGetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.
- References
-
- http://advisories.mageia.org/MGASA-2014-0532.html
- http://secunia.com/advisories/61947
- http://secunia.com/advisories/62292
- http://www.debian.org/security/2014/dsa-3095
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:119
- http://www.securityfocus.com/bid/71606
- http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/
- https://security.gentoo.org/glsa/201504-06
- http://nvidia.custhelp.com/app/answers/detail/a_id/3610
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://security-tracker.debian.org/tracker/CVE-2014-8098
Affected packages
Debian:11 / xorg-server
Package
- Name
- xorg-server
- Purl
- pkg:deb/debian/xorg-server?arch=source
Debian:12 / xorg-server
Package
- Name
- xorg-server
- Purl
- pkg:deb/debian/xorg-server?arch=source
Debian:13 / xorg-server
Package
- Name
- xorg-server
- Purl
- pkg:deb/debian/xorg-server?arch=source