CVE-2014-8097

Name of the Vulnerable Software and Affected Versions xorg-x11-server-Xdmx version 1.15.0 xorg-x11-server-debuginfo version 1.15.0 xorg-x11-server-Xnest version 1.15.0 xorg-x11-server-Xephyr version 1.15.0 xorg-x11-server-source version 1.15.0 xorg-x11-server-Xvfb version 1.15.0 xorg-x11-server-debuginfo version 1.1.1 xorg-x11-server-Xvnc-source version 1.1.1 xorg-x11-server version 1.15.0 xorg-x11-server-common version 1.15.0 xorg-x11-server-Xorg version 1.15.0 xorg-x11-server-devel version 1.15.0

Description The issue affects the X.Org X Window System, allowing remote authenticated users to cause a denial of service or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function. This can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of the vulnerabilities can be carried out remotely by an attacker who has passed the authentication procedure.

Recommendations For xorg-x11-server-Xdmx version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-debuginfo version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-Xnest version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-Xephyr version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-source version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-Xvfb version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-debuginfo version 1.1.1, update to a version that contains a fix for this issue. For xorg-x11-server-Xvnc-source version 1.1.1, update to a version that contains a fix for this issue. For xorg-x11-server version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-common version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-Xorg version 1.15.0, update to a version that contains a fix for this issue. For xorg-x11-server-devel version 1.15.0, update to a version that contains a fix for this issue. As a temporary workaround, consider disabling the ProcDbeSwapBuffers and SProcDbeSwapBuffers functions until a patch is available.