Search CVE reports
1 – 10 of 17 results
CVE-2017-2624
Negligible prioritySome fixes available 4 of 10
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp()...
10 affected packages
xorg-server, xorg-server-hwe-16.04, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | Fixed |
| xorg-server-hwe-16.04 | — | — | — | — | Fixed |
| xorg-server-lts-quantal | — | — | — | — | Not in release |
| xorg-server-lts-raring | — | — | — | — | Not in release |
| xorg-server-lts-saucy | — | — | — | — | Not in release |
| xorg-server-lts-trusty | — | — | — | — | Not in release |
| xorg-server-lts-utopic | — | — | — | — | Not in release |
| xorg-server-lts-vivid | — | — | — | — | Not in release |
| xorg-server-lts-wily | — | — | — | — | Not in release |
| xorg-server-lts-xenial | — | — | — | — | Not in release |
CVE-2015-3418
Medium prioritySome fixes available 5 of 9
The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
6 affected packages
xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty, xorg-server-lts-utopic
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-quantal | — | — | — | — | — |
| xorg-server-lts-raring | — | — | — | — | — |
| xorg-server-lts-saucy | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
| xorg-server-lts-utopic | — | — | — | — | — |
CVE-2015-3164
Medium priorityThe authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
7 affected packages
xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy, xorg-server-lts-trusty...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | Not affected |
| xorg-server-lts-quantal | — | — | — | — | Not in release |
| xorg-server-lts-raring | — | — | — | — | Not in release |
| xorg-server-lts-saucy | — | — | — | — | Not in release |
| xorg-server-lts-trusty | — | — | — | — | Not in release |
| xorg-server-lts-utopic | — | — | — | — | Not in release |
| xorg-server-lts-vivid | — | — | — | — | Not in release |
CVE-2015-0255
Medium prioritySome fixes available 27 of 41
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value...
7 affected packages
vnc4, xorg-server, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vnc4 | Not in release | Not in release | Not in release | Vulnerable | Fixed |
| xorg-server | Fixed | Fixed | Fixed | Fixed | Fixed |
| xorg-server-lts-quantal | Not in release | Not in release | Not in release | Not in release | Not in release |
| xorg-server-lts-raring | Not in release | Not in release | Not in release | Not in release | Not in release |
| xorg-server-lts-saucy | Not in release | Not in release | Not in release | Not in release | Not in release |
| xorg-server-lts-trusty | Not in release | Not in release | Not in release | Not in release | Not in release |
| xorg-server-lts-utopic | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2014-8103
Medium prioritySome fixes available 4 of 5
X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or...
2 affected packages
xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
CVE-2014-8102
Medium prioritySome fixes available 4 of 5
The SProcXFixesSelectSelectionInput function in the XFixes extension in X.Org X Window System (aka X11 or X) X11R6.8.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a...
2 affected packages
xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
CVE-2014-8101
Medium prioritySome fixes available 4 of 5
The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or...
2 affected packages
xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
CVE-2014-8100
Medium prioritySome fixes available 4 of 5
The Render extension in XFree86 4.0.1, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read...
2 affected packages
xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
CVE-2014-8099
Medium prioritySome fixes available 4 of 5
The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read...
2 affected packages
xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |
CVE-2014-8098
Medium prioritySome fixes available 16 of 17
The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or...
6 affected packages
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates, xorg-server, xorg-server-lts-trusty
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| nvidia-graphics-drivers-304 | — | — | — | — | — |
| nvidia-graphics-drivers-304-updates | — | — | — | — | — |
| nvidia-graphics-drivers-331 | — | — | — | — | — |
| nvidia-graphics-drivers-331-updates | — | — | — | — | — |
| xorg-server | — | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — | — |