In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-1186-1 | xorg-server security update |
Debian DSA |
DSA-4000-1 | xorg-server security update |
EUVD |
EUVD-2017-5240 | In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp. |
Ubuntu USN |
USN-3453-1 | X.Org X server vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 29 Aug 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
X.org x Server
|
|
| CPEs | cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:* | |
| Vendors & Products |
X.org xorg-server
|
X.org x Server
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T19:05:19.958Z
Reserved: 2017-08-28T00:00:00
Link: CVE-2017-13723
No data.
Status : Deferred
Published: 2017-10-10T01:30:21.407
Modified: 2025-08-29T13:42:30.557
Link: CVE-2017-13723
OpenCVE Enrichment
No data.
Debian DLA
Debian DSA
EUVD
Ubuntu USN