Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libx11-6", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-6-dbgsym", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-6-udeb", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-data", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-dev", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-doc", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-xcb-dev", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-xcb1", "binary_version": "2:1.6.9-2ubuntu1.5" }, { "binary_name": "libx11-xcb1-dbgsym", "binary_version": "2:1.6.9-2ubuntu1.5" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libx11-6", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-6-dbgsym", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-data", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-dev", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-doc", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-xcb-dev", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-xcb1", "binary_version": "2:1.7.5-1ubuntu0.2" }, { "binary_name": "libx11-xcb1-dbgsym", "binary_version": "2:1.7.5-1ubuntu0.2" } ] }