An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-6" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-6-dbg" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-6-dbgsym" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-6-udeb" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-6-udeb-dbgsym" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-data" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-dev" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-dev-dbgsym" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-doc" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-xcb-dev" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-xcb-dev-dbgsym" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-xcb1" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-xcb1-dbg" }, { "binary_version": "2:1.6.2-1ubuntu2.1", "binary_name": "libx11-xcb1-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-6" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-6-dbg" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-6-dbgsym" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-6-udeb" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-6-udeb-dbgsym" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-data" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-dev" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-dev-dbgsym" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-doc" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-xcb-dev" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-xcb-dev-dbgsym" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-xcb1" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-xcb1-dbg" }, { "binary_version": "2:1.6.3-1ubuntu2.1", "binary_name": "libx11-xcb1-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-6" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-6-dbgsym" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-6-udeb" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-data" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-dev" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-doc" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-xcb-dev" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-xcb1" }, { "binary_version": "2:1.6.4-3ubuntu0.1", "binary_name": "libx11-xcb1-dbgsym" } ] }