CVE-2010-4818

Published: 3 October 2011

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.

Notes

Author	Note
mdeslaur	A regression caused the fix to be removed from lucid. See USN-1232-2.

Priority

Status

Package	Release	Status
xorg-server Launchpad, Ubuntu, Debian	hardy	Ignored (end of life)
	lucid	Released (2:1.7.6-2ubuntu7.10)
	maverick	Released (2:1.9.0-0ubuntu7.5)
	natty	Not vulnerable (2:1.10.1-1ubuntu1.2)
	oneiric	Not vulnerable (2:1.10.4-1ubuntu4)
	upstream	Needs triage
	Patches: upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=ec9c97c6bf70b523bc500bd3adf62176f1bb33a4 upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=6c69235a9dfc52e4b4e47630ff4bab1a820eb543 upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=62319e8381ebd645ae36b25e5fc3c0e9b098387b upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=d9225b9602c85603ae616a7381c784f5cf5e811c upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=a883cf1545abd89bb2cadfa659718884b56fd234 upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=1137c11be0f82049d28024eaf963c6f76e0d4334 upstream: http://cgit.freedesktop.org/xorg/xserver/commit/?id=402b329c3aa8ddbebaa1f593306a02d4cd6fed26

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›