PT-2019-15234 · X.Org+1 · X.Org Server+1

Marcelo Vázquez

Publicado

2019-06-03

Atualizado

2020-08-24

CVE-2019-17624

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions X.Org X Server version 1.20.4

Description A stack-based buffer overflow exists in the XQueryKeymap function. This can be triggered by sending a large number of ct.c char requests, potentially causing a denial of service or other unspecified impacts.

Recommendations For X.Org X Server version 1.20.4, consider applying a patch or update to fix the buffer overflow issue in the XQueryKeymap function. As a temporary workaround, restrict the input to the XQueryKeymap function to prevent excessive ct.c char requests.

Exploit

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2019-1984

ALT-PU-2019-2671

CVE-2019-17624

Produtos afetados

Alt Linux

X.Org Server

PT-2019-15234 · X.Org+1 · X.Org Server+1

CVE-2019-17624

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5