Project

General

Profile

Bug #6749

libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
-
Start date:
01/26/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

An out of boundary write has been found in libXpm < 3.5.12 which can be
exploited by an attacker through maliciously crafted XPM files.

Fixed In Version:

libxpm 3.5.12

Reference:

http://seclists.org/oss-sec/2017/q1/167

Upstream patch:

https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=d1167418f0fd02a27f617ec5afd6db053afbe185


Subtasks

Bug #6750: [3.6] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)ClosedNatanael Copa

Bug #6751: [3.5] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)ClosedNatanael Copa

Bug #6752: [3.4] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)ClosedNatanael Copa

Bug #6753: [3.3] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)ClosedNatanael Copa

Bug #6754: [3.2] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164)ClosedNatanael Copa

History

#1 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF