An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libx11-6", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-6-dbg", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-6-dbgsym", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-6-udeb", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-6-udeb-dbgsym", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-data", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-dev", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-dev-dbgsym", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-doc", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-xcb-dev", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-xcb-dev-dbgsym", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-xcb1", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-xcb1-dbg", "binary_version": "2:1.6.2-1ubuntu2.1" }, { "binary_name": "libx11-xcb1-dbgsym", "binary_version": "2:1.6.2-1ubuntu2.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libx11-6", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-6-dbg", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-6-dbgsym", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-6-udeb", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-6-udeb-dbgsym", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-data", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-dev", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-dev-dbgsym", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-doc", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-xcb-dev", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-xcb-dev-dbgsym", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-xcb1", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-xcb1-dbg", "binary_version": "2:1.6.3-1ubuntu2.1" }, { "binary_name": "libx11-xcb1-dbgsym", "binary_version": "2:1.6.3-1ubuntu2.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libx11-6", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-6-dbgsym", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-6-udeb", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-data", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-dev", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-doc", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-xcb-dev", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-xcb1", "binary_version": "2:1.6.4-3ubuntu0.1" }, { "binary_name": "libx11-xcb1-dbgsym", "binary_version": "2:1.6.4-3ubuntu0.1" } ] }