Integer Overflow Vulnerability in X.org libXi Affecting Multiple Platforms
CVE-2013-1984

Currently unrated

Key Information:

Vendor: X.org
Status: Libxi
Vendor: CVE Published:; 15 June 2013

What is CVE-2013-1984?

The vulnerability in X.org's libXi versions 1.7.1 and earlier stems from multiple integer overflow occurrences. These flaws can allow X servers to inadvertently allocate insufficient memory, leading to potential buffer overflow. This affects various functionalities including XGetDeviceControl, XGetFeedbackControl, XGetDeviceDontPropagateList, and more, posing a significant risk to system integrity and security.

References

http://www.ubuntu.com/usn/USN-1859-1

vendor-advisoryx_refsource_UBUNTU

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://lists.opensuse.org/opensuse-updates/2013-06/msg001...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2013
Vulnerability Reserved
Feb 19, 2013