X.Org Foundation · Xorg-X11-Server · CVE-2017-12176
**Name of the Vulnerable Software and Affected Versions**
xorg-x11-server versions prior to 1.19.5
**Description**
The issue is related to missing extra length validation in the `ProcEstablishConnection` function, which allows a malicious X client to cause the X server to crash or possibly execute arbitrary code.
**Recommendations**
For versions prior to 1.19.5, update to version 1.19.5 or later to resolve the issue.