X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
Metrics
Affected Vendors & Products
References
History
Fri, 29 Aug 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
X.org x Server
|
|
CPEs | cpe:2.3:a:x.org:xorg-server:1.17.0:*:*:*:*:*:*:* |
cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:* cpe:2.3:a:x.org:x_server:1.17.0:*:*:*:*:*:*:* |
Vendors & Products |
X.org xorg-server
|
X.org x Server
|
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T04:03:10.448Z
Reserved: 2014-11-18T00:00:00
Link: CVE-2015-0255

No data.

Status : Deferred
Published: 2015-02-13T15:59:09.367
Modified: 2025-08-29T13:42:30.557
Link: CVE-2015-0255


No data.