CVE-2014-8101

Publication date 9 December 2014

Last updated 24 July 2024

Ubuntu priority

Description

The RandR extension in XFree86 4.2.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcRRQueryVersion, (2) SProcRRGetScreenInfo, (3) SProcRRSelectInput, or (4) SProcRRConfigureOutputProperty function.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
xorg-server	14.10 utopic	Fixed 2:1.16.0-1ubuntu1.1
	14.04 LTS trusty	Fixed 2:1.15.1-0ubuntu2.4
	12.04 LTS precise	Fixed 2:1.11.4-0ubuntu10.15
	10.04 LTS lucid	Ignored end of life
xorg-server-lts-trusty	14.10 utopic	Not in release
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Fixed 2:1.15.1-0ubuntu2~precise3
	10.04 LTS lucid	Not in release

References

Related Ubuntu Security Notices (USN)

USN-2436-1
X.Org X server vulnerabilities
9 December 2014

CVE-2014-8101

Description

Status

References

Related Ubuntu Security Notices (USN)

Other references