CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

CWE 1 Total

Learn more

CWE-391: CWE-391

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 3 Total

debian.org: DSA-4000
external site
vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1509216
external site
https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
external site

Updated: 2024-08-05

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

debian.org: DSA-4000
external site
vendor-advisoryx_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1509216
external site
x_transferred
https://cgit.freedesktop.org/xorg/xserver/commit/?id=cad5a1050b7184d828aef9c1dd151c3ab649d37e
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Red Hat, Inc.

Description

CWE 1 Total

Product Status

References 3 Total

CVE Program

References 3 Total