vulnerability

Oracle Linux: CVE-2016-10164: ELSA-2017-1865: X.org X11 libraries security, bug fix and enhancement update (MODERATE) (Multiple Advisories)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:H/Au:N/C:P/I:C/A:P)
Published
2016-12-12
Added
2017-08-08
Modified
2024-11-30

Description

Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using libXpm via a specially crafted XPM file.

Solution(s)

oracle-linux-upgrade-drm-utilsoracle-linux-upgrade-libdrmoracle-linux-upgrade-libdrm-develoracle-linux-upgrade-libepoxyoracle-linux-upgrade-libepoxy-develoracle-linux-upgrade-libevdevoracle-linux-upgrade-libevdev-develoracle-linux-upgrade-libevdev-utilsoracle-linux-upgrade-libfontencoracle-linux-upgrade-libfontenc-develoracle-linux-upgrade-libiceoracle-linux-upgrade-libice-develoracle-linux-upgrade-libinputoracle-linux-upgrade-libinput-develoracle-linux-upgrade-libvdpauoracle-linux-upgrade-libvdpau-develoracle-linux-upgrade-libvdpau-docsoracle-linux-upgrade-libwacomoracle-linux-upgrade-libwacom-dataoracle-linux-upgrade-libwacom-develoracle-linux-upgrade-libx11oracle-linux-upgrade-libx11-commonoracle-linux-upgrade-libx11-develoracle-linux-upgrade-libxaworacle-linux-upgrade-libxaw-develoracle-linux-upgrade-libxcboracle-linux-upgrade-libxcb-develoracle-linux-upgrade-libxcb-docoracle-linux-upgrade-libxcursororacle-linux-upgrade-libxcursor-develoracle-linux-upgrade-libxdmcporacle-linux-upgrade-libxdmcp-develoracle-linux-upgrade-libxfixesoracle-linux-upgrade-libxfixes-develoracle-linux-upgrade-libxfontoracle-linux-upgrade-libxfont2oracle-linux-upgrade-libxfont2-develoracle-linux-upgrade-libxfont-develoracle-linux-upgrade-libxioracle-linux-upgrade-libxi-develoracle-linux-upgrade-libxkbcommonoracle-linux-upgrade-libxkbcommon-develoracle-linux-upgrade-libxkbcommon-x11oracle-linux-upgrade-libxkbcommon-x11-develoracle-linux-upgrade-libxkbfileoracle-linux-upgrade-libxkbfile-develoracle-linux-upgrade-libxpmoracle-linux-upgrade-libxpm-develoracle-linux-upgrade-libxrandroracle-linux-upgrade-libxrandr-develoracle-linux-upgrade-libxrenderoracle-linux-upgrade-libxrender-develoracle-linux-upgrade-libxtoracle-linux-upgrade-libxt-develoracle-linux-upgrade-libxtstoracle-linux-upgrade-libxtst-develoracle-linux-upgrade-libxvoracle-linux-upgrade-libxv-develoracle-linux-upgrade-libxvmcoracle-linux-upgrade-libxvmc-develoracle-linux-upgrade-libxxf86vmoracle-linux-upgrade-libxxf86vm-develoracle-linux-upgrade-mesa-dri-driversoracle-linux-upgrade-mesa-filesystemoracle-linux-upgrade-mesa-libegloracle-linux-upgrade-mesa-libegl-develoracle-linux-upgrade-mesa-libgbmoracle-linux-upgrade-mesa-libgbm-develoracle-linux-upgrade-mesa-libgloracle-linux-upgrade-mesa-libglapioracle-linux-upgrade-mesa-libgl-develoracle-linux-upgrade-mesa-libglesoracle-linux-upgrade-mesa-libgles-develoracle-linux-upgrade-mesa-libosmesaoracle-linux-upgrade-mesa-libosmesa-develoracle-linux-upgrade-mesa-libxatrackeroracle-linux-upgrade-mesa-libxatracker-develoracle-linux-upgrade-mesa-private-llvmoracle-linux-upgrade-mesa-private-llvm-develoracle-linux-upgrade-mesa-vulkan-driversoracle-linux-upgrade-vulkanoracle-linux-upgrade-vulkan-develoracle-linux-upgrade-vulkan-filesystemoracle-linux-upgrade-xcb-protooracle-linux-upgrade-xkeyboard-configoracle-linux-upgrade-xkeyboard-config-develoracle-linux-upgrade-xorg-x11-proto-devel

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today