Buffer Overflow Vulnerabilities in X.org LibXi Affected Products by X.Org Foundation
CVE-2013-1998

Currently unrated

Key Information:

Vendor: X.org
Status: Libxi
Vendor: CVE Published:; 15 June 2013

What is CVE-2013-1998?

Multiple buffer overflow vulnerabilities in X.org's libXi library (version 1.7.1 and earlier) enable X servers to crash and potentially allow an attacker to execute arbitrary code. These vulnerabilities arise when crafted length or index values are used with specific functions, such as XGetDeviceButtonMapping, XIPassiveGrabDevice, and XQueryDeviceState. Users of affected versions should seek immediate updates as these vulnerabilities pose significant risks to system stability and security.

References

http://www.ubuntu.com/usn/USN-1859-1

vendor-advisoryx_refsource_UBUNTU

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://lists.opensuse.org/opensuse-updates/2013-06/msg001...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2013
Vulnerability Reserved
Feb 19, 2013