vulnerability
CentOS Linux: CVE-2018-14600: Moderate: Xorg security and bug fix update (CESA-2019:2079)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Aug 24, 2018 | Aug 28, 2019 | May 25, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 24, 2018
Added
Aug 28, 2019
Modified
May 25, 2023
Description
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
Solution(s)
centos-upgrade-gdmcentos-upgrade-gdm-debuginfocentos-upgrade-gdm-develcentos-upgrade-gdm-pam-extensions-develcentos-upgrade-libx11centos-upgrade-libx11-commoncentos-upgrade-libx11-debuginfocentos-upgrade-libx11-develcentos-upgrade-libxkbcommoncentos-upgrade-libxkbcommon-debuginfocentos-upgrade-libxkbcommon-develcentos-upgrade-libxkbcommon-x11centos-upgrade-libxkbcommon-x11-develcentos-upgrade-mesa-libglwcentos-upgrade-mesa-libglw-debuginfocentos-upgrade-mesa-libglw-develcentos-upgrade-xorg-x11-drv-aticentos-upgrade-xorg-x11-drv-ati-debuginfocentos-upgrade-xorg-x11-drv-vesacentos-upgrade-xorg-x11-drv-vesa-debuginfocentos-upgrade-xorg-x11-drv-wacomcentos-upgrade-xorg-x11-drv-wacom-debuginfocentos-upgrade-xorg-x11-drv-wacom-develcentos-upgrade-xorg-x11-server-commoncentos-upgrade-xorg-x11-server-debuginfocentos-upgrade-xorg-x11-server-develcentos-upgrade-xorg-x11-server-sourcecentos-upgrade-xorg-x11-server-xdmxcentos-upgrade-xorg-x11-server-xephyrcentos-upgrade-xorg-x11-server-xnestcentos-upgrade-xorg-x11-server-xorgcentos-upgrade-xorg-x11-server-xvfbcentos-upgrade-xorg-x11-server-xwayland
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.