Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.7
CVSSv3

CVE-2017-13721

Published: 10/10/2017 Updated: 03/10/2019
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P
Subscribe to X.org

Vulnerability Summary

In X.Org Server (aka xserver and xorg-server) prior to 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

Vulnerable Product Search on Vulmon Subscribe to Product

x.org xorg-server

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Ubuntu Security Notice: xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial vulnerabilities
Several security issues were fixed in the XOrg X server ...
Debian Security Advisories: DSA-4000-1 xorg-server -- security update
Several vulnerabilities have been discovered in the XOrg X server An attacker who's able to connect to an X server could cause a denial of service or potentially the execution of arbitrary code For the oldstable distribution (jessie), these problems have been fixed in version 2:1164-1+deb8u2 For the stable distribution (stretch), these proble ...
Red Hat: CVE-2017-13721
In XOrg Server (aka xserver and xorg-server) before 1194, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session ...
Arch Linux Issues:
A denial of service vulnerability was found in xorg-server in the ProcShmCreateSegment function due to a missing shmseg resource ids validation A passed shmseg resource id may belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client ...

References

CWE-269https://lists.x.org/archives/xorg-announce/2017-October/002808.htmlhttps://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1http://www.openwall.com/lists/oss-security/2017/10/04/10http://www.securityfocus.com/bid/101238https://security.gentoo.org/glsa/201710-30http://www.debian.org/security/2017/dsa-4000https://usn.ubuntu.com/3453-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook