CVE-2014-8102

Name of the Vulnerable Software and Affected Versions xorg-x11-server-Xdmx versions 1.15.0 xorg-x11-server-debuginfo versions 1.15.0 xorg-x11-server-Xnest versions 1.15.0 xorg-x11-server-Xephyr versions 1.15.0 xorg-x11-server-source versions 1.15.0 xorg-x11-server-Xvfb versions 1.15.0 xorg-x11-server-common versions 1.15.0 xorg-x11-server-Xvnc-source versions 1.1.1 xorg-x11-server-devel versions 1.15.0 xorg-x11-server-Xorg versions 1.15.0 X.Org Server versions prior to 1.16.3

Description The issue is related to multiple vulnerabilities in the xorg-x11-server package, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely by an authenticated attacker. The SProcXFixesSelectSelectionInput function in the XFixes extension is specifically mentioned as allowing remote authenticated users to cause a denial of service or possibly execute arbitrary code via a crafted length value.

Recommendations For xorg-x11-server-Xdmx version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-debuginfo version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-Xnest version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-Xephyr version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-source version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-Xvfb version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-common version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-Xvnc-source version 1.1.1, update to a version later than 1.1.1. For xorg-x11-server-devel version 1.15.0, update to a version later than 1.15.0. For xorg-x11-server-Xorg version 1.15.0, update to a version later than 1.15.0. For X.Org Server version prior to 1.16.3, update to version 1.16.3 or later. As a temporary workaround, consider disabling the SProcXFixesSelectSelectionInput function until a patch is available.