vulnerability

SUSE: CVE-2018-14600: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 21, 2018
Added
Sep 1, 2018
Modified
Oct 22, 2021

Description

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.

Solutions

suse-upgrade-libx11-6suse-upgrade-libx11-6-32bitsuse-upgrade-libx11-datasuse-upgrade-libx11-develsuse-upgrade-libx11-devel-32bitsuse-upgrade-libx11-xcb1suse-upgrade-libx11-xcb1-32bitsuse-upgrade-libxcb-composite0suse-upgrade-libxcb-damage0suse-upgrade-libxcb-develsuse-upgrade-libxcb-devel-docsuse-upgrade-libxcb-dpms0suse-upgrade-libxcb-dri2-0suse-upgrade-libxcb-dri2-0-32bitsuse-upgrade-libxcb-dri3-0suse-upgrade-libxcb-dri3-0-32bitsuse-upgrade-libxcb-glx0suse-upgrade-libxcb-glx0-32bitsuse-upgrade-libxcb-present0suse-upgrade-libxcb-present0-32bitsuse-upgrade-libxcb-randr0suse-upgrade-libxcb-record0suse-upgrade-libxcb-render0suse-upgrade-libxcb-render0-32bitsuse-upgrade-libxcb-res0suse-upgrade-libxcb-screensaver0suse-upgrade-libxcb-shape0suse-upgrade-libxcb-shm0suse-upgrade-libxcb-shm0-32bitsuse-upgrade-libxcb-sync1suse-upgrade-libxcb-sync1-32bitsuse-upgrade-libxcb-xevie0suse-upgrade-libxcb-xf86dri0suse-upgrade-libxcb-xfixes0suse-upgrade-libxcb-xfixes0-32bitsuse-upgrade-libxcb-xinerama0suse-upgrade-libxcb-xkb1suse-upgrade-libxcb-xkb1-32bitsuse-upgrade-libxcb-xprint0suse-upgrade-libxcb-xtest0suse-upgrade-libxcb-xv0suse-upgrade-libxcb-xvmc0suse-upgrade-libxcb1suse-upgrade-libxcb1-32bitsuse-upgrade-xorg-x11-libx11suse-upgrade-xorg-x11-libx11-32bitsuse-upgrade-xorg-x11-libx11-develsuse-upgrade-xorg-x11-libx11-devel-32bitsuse-upgrade-xorg-x11-libx11-x86

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today