PT-2019-15234 · X.Org+1 · X.Org Server+1

Marcelo Vázquez

Published

2019-06-03

Updated

2020-08-24

CVE-2019-17624

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions X.Org X Server version 1.20.4

Description A stack-based buffer overflow exists in the XQueryKeymap function. This can be triggered by sending a large number of ct.c char requests, potentially causing a denial of service or other unspecified impacts.

Recommendations For X.Org X Server version 1.20.4, consider applying a patch or update to fix the buffer overflow issue in the XQueryKeymap function. As a temporary workaround, restrict the input to the XQueryKeymap function to prevent excessive ct.c char requests.

Exploit

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2019-1984

ALT-PU-2019-2671

CVE-2019-17624

Affected Products

Alt Linux

X.Org Server

PT-2019-15234 · X.Org+1 · X.Org Server+1

CVE-2019-17624

Weakness Enumeration

Related Identifiers

Affected Products

References · 5