Search CVE reports
1 – 10 of 19 results
CVE-2023-43787
Medium prioritySome fixes available 18 of 27
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
3 affected packages
libx11, libxpm, motif
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | Fixed | Fixed | Fixed | Fixed | Fixed |
libxpm | Fixed | Fixed | Fixed | Fixed | Fixed |
motif | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-43786
Medium prioritySome fixes available 18 of 27
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
3 affected packages
libx11, libxpm, motif
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | Fixed | Fixed | Fixed | Fixed | Fixed |
libxpm | Fixed | Fixed | Fixed | Fixed | Fixed |
motif | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-43785
Medium priorityA vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-3138
Medium priorityA vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that...
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2020-25697
Low priorityA privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | Ignored | Ignored | Ignored | Ignored |
CVE-2021-31535
Medium priorityLookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to...
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2020-14363
Medium priorityAn integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code...
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | — | Fixed | Fixed | Fixed |
CVE-2020-14344
Medium priorityAn integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client...
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | — | Fixed | Fixed | Fixed |
CVE-2018-14600
Medium priorityAn issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote...
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | — | — | Fixed | Fixed |
CVE-2018-14599
Medium priorityAn issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
1 affected package
libx11
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libx11 | — | — | — | Fixed | Fixed |