CVE-2014-8098

The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) _glXDispRender, (2) _glXDispRenderLarge, (3) _glXDispSwapVendorPrivate, (4) _glXDispSwapVendorPrivateWithReply, (5) setclientinfo, (6) _glXDispSwapSetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) _glXDispSwapRenderMode, (11) _glXDispGetCompressedTexImage, (12) _glXDispSwapGetCompressedTexImage, (13) _glXDispFeedbackBuffer, (14) _glXDispSwapFeedbackBuffer, (15) _glXDispSelectBuffer, (16) _glXDispSwapSelectBuffer, (17) _glXDispFlush, (18) _glXDispSwapFlush, (19) _glXDispFinish, (20) _glXDispSwapFinish, (21) _glXDispReadPixels, (22) _glXDispSwapReadPixels, (23) _glXDispGetTexImage, (24) _glXDispSwapGetTexImage, (25) _glXDispGetPolygonStipple, (26) _glXDispSwapGetPolygonStipple, (27) _glXDispGetSeparableFilter, (28) _glXDispGetSeparableFilterEXT, (29) _glXDispGetConvolutionFilter, (30) _glXDispGetConvolutionFilterEXT, (31) _glXDispGetHistogram, (32) _glXDispGetHistogramEXT, (33) _glXDispGetMinmax, (34) _glXDispGetMinmaxEXT, (35) _glXDispGetColorTable, (36) _glXDispGetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function.