CLD-63 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) |
xorg-server |
Deficiency Type |
SECURITY |
Date Created |
2017-10-06 08:52:07 |
Date Last Modified |
2017-10-06 09:14:04 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in xorg-server-1.18.1-i686-4 |
Cucumber 1.0 x86_64 | fixed in xorg-server-1.18.1-x86_64-4 |
Cucumber 1.1 i686 |
fixed in xorg-server-1.18.1-i686-4 |
Cucumber 1.1 x86_64 |
fixed in xorg-server-1.18.1-x86_64-4 |
Details:
Official Patch:
https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1
Xext/shm: Validate shmseg resource id (CVE-2017-13721)
Otherwise it can belong to a non-existing client and abort X server with
FatalError "client not in use", or overwrite existing segment of another
existing client.