vulnerability
SUSE: CVE-2018-14598: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | 2018-08-21 | 2018-09-01 | 2021-10-22 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2018-08-21
Added
2018-09-01
Modified
2021-10-22
Description
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
Solution(s)
suse-upgrade-libx11-6suse-upgrade-libx11-6-32bitsuse-upgrade-libx11-datasuse-upgrade-libx11-develsuse-upgrade-libx11-devel-32bitsuse-upgrade-libx11-xcb1suse-upgrade-libx11-xcb1-32bitsuse-upgrade-libxcb-composite0suse-upgrade-libxcb-damage0suse-upgrade-libxcb-develsuse-upgrade-libxcb-devel-docsuse-upgrade-libxcb-dpms0suse-upgrade-libxcb-dri2-0suse-upgrade-libxcb-dri2-0-32bitsuse-upgrade-libxcb-dri3-0suse-upgrade-libxcb-dri3-0-32bitsuse-upgrade-libxcb-glx0suse-upgrade-libxcb-glx0-32bitsuse-upgrade-libxcb-present0suse-upgrade-libxcb-present0-32bitsuse-upgrade-libxcb-randr0suse-upgrade-libxcb-record0suse-upgrade-libxcb-render0suse-upgrade-libxcb-render0-32bitsuse-upgrade-libxcb-res0suse-upgrade-libxcb-screensaver0suse-upgrade-libxcb-shape0suse-upgrade-libxcb-shm0suse-upgrade-libxcb-shm0-32bitsuse-upgrade-libxcb-sync1suse-upgrade-libxcb-sync1-32bitsuse-upgrade-libxcb-xevie0suse-upgrade-libxcb-xf86dri0suse-upgrade-libxcb-xfixes0suse-upgrade-libxcb-xfixes0-32bitsuse-upgrade-libxcb-xinerama0suse-upgrade-libxcb-xkb1suse-upgrade-libxcb-xkb1-32bitsuse-upgrade-libxcb-xprint0suse-upgrade-libxcb-xtest0suse-upgrade-libxcb-xv0suse-upgrade-libxcb-xvmc0suse-upgrade-libxcb1suse-upgrade-libxcb1-32bitsuse-upgrade-xorg-x11-libx11suse-upgrade-xorg-x11-libx11-32bitsuse-upgrade-xorg-x11-libx11-develsuse-upgrade-xorg-x11-libx11-devel-32bitsuse-upgrade-xorg-x11-libx11-x86
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.