vulnerability
CentOS Linux: CVE-2016-10164: Moderate: X.org X11 libraries security, bug fix and enhancement update (CESA-2017:1865)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Feb 1, 2017 | Aug 28, 2019 | May 25, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 1, 2017
Added
Aug 28, 2019
Modified
May 25, 2023
Description
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
Solution(s)
centos-upgrade-drm-utilscentos-upgrade-libdrmcentos-upgrade-libdrm-debuginfocentos-upgrade-libdrm-develcentos-upgrade-libepoxycentos-upgrade-libepoxy-debuginfocentos-upgrade-libepoxy-develcentos-upgrade-libevdevcentos-upgrade-libevdev-debuginfocentos-upgrade-libevdev-develcentos-upgrade-libevdev-utilscentos-upgrade-libfontenccentos-upgrade-libfontenc-debuginfocentos-upgrade-libfontenc-develcentos-upgrade-libicecentos-upgrade-libice-debuginfocentos-upgrade-libice-develcentos-upgrade-libinputcentos-upgrade-libinput-debuginfocentos-upgrade-libinput-develcentos-upgrade-libvdpaucentos-upgrade-libvdpau-debuginfocentos-upgrade-libvdpau-develcentos-upgrade-libvdpau-docscentos-upgrade-libwacomcentos-upgrade-libwacom-datacentos-upgrade-libwacom-debuginfocentos-upgrade-libwacom-develcentos-upgrade-libx11centos-upgrade-libx11-commoncentos-upgrade-libx11-debuginfocentos-upgrade-libx11-develcentos-upgrade-libxawcentos-upgrade-libxaw-debuginfocentos-upgrade-libxaw-develcentos-upgrade-libxcbcentos-upgrade-libxcb-debuginfocentos-upgrade-libxcb-develcentos-upgrade-libxcb-doccentos-upgrade-libxcursorcentos-upgrade-libxcursor-debuginfocentos-upgrade-libxcursor-develcentos-upgrade-libxdmcpcentos-upgrade-libxdmcp-debuginfocentos-upgrade-libxdmcp-develcentos-upgrade-libxfixescentos-upgrade-libxfixes-debuginfocentos-upgrade-libxfixes-develcentos-upgrade-libxfontcentos-upgrade-libxfont-debuginfocentos-upgrade-libxfont-develcentos-upgrade-libxfont2centos-upgrade-libxfont2-debuginfocentos-upgrade-libxfont2-develcentos-upgrade-libxicentos-upgrade-libxi-debuginfocentos-upgrade-libxi-develcentos-upgrade-libxkbcommoncentos-upgrade-libxkbcommon-debuginfocentos-upgrade-libxkbcommon-develcentos-upgrade-libxkbcommon-x11centos-upgrade-libxkbcommon-x11-develcentos-upgrade-libxkbfilecentos-upgrade-libxkbfile-debuginfocentos-upgrade-libxkbfile-develcentos-upgrade-libxpmcentos-upgrade-libxpm-debuginfocentos-upgrade-libxpm-develcentos-upgrade-libxrandrcentos-upgrade-libxrandr-debuginfocentos-upgrade-libxrandr-develcentos-upgrade-libxrendercentos-upgrade-libxrender-debuginfocentos-upgrade-libxrender-develcentos-upgrade-libxtcentos-upgrade-libxt-debuginfocentos-upgrade-libxt-develcentos-upgrade-libxtstcentos-upgrade-libxtst-debuginfocentos-upgrade-libxtst-develcentos-upgrade-libxvcentos-upgrade-libxv-debuginfocentos-upgrade-libxv-develcentos-upgrade-libxvmccentos-upgrade-libxvmc-debuginfocentos-upgrade-libxvmc-develcentos-upgrade-libxxf86vmcentos-upgrade-libxxf86vm-debuginfocentos-upgrade-libxxf86vm-develcentos-upgrade-mesa-debuginfocentos-upgrade-mesa-dri-driverscentos-upgrade-mesa-filesystemcentos-upgrade-mesa-libeglcentos-upgrade-mesa-libegl-develcentos-upgrade-mesa-libgbmcentos-upgrade-mesa-libgbm-develcentos-upgrade-mesa-libglcentos-upgrade-mesa-libgl-develcentos-upgrade-mesa-libglapicentos-upgrade-mesa-libglescentos-upgrade-mesa-libgles-develcentos-upgrade-mesa-libosmesacentos-upgrade-mesa-libosmesa-develcentos-upgrade-mesa-libxatrackercentos-upgrade-mesa-libxatracker-develcentos-upgrade-mesa-private-llvmcentos-upgrade-mesa-private-llvm-debuginfocentos-upgrade-mesa-private-llvm-develcentos-upgrade-mesa-vulkan-driverscentos-upgrade-vulkancentos-upgrade-vulkan-debuginfocentos-upgrade-vulkan-develcentos-upgrade-vulkan-filesystemcentos-upgrade-xcb-protocentos-upgrade-xkeyboard-configcentos-upgrade-xkeyboard-config-develcentos-upgrade-xorg-x11-proto-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.