Home

CVE-2015-0255

Description

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
6.422

Associated Vulnerability

VulnerabilityOS Platform
X.Org X11 server (USN-2500-1) xserver-xorg-core-lts-utopic_1.16.0-1ubuntu1.2~trusty2_i386.debLinux
X.Org X11 server (USN-2500-1) xserver-xorg-core-lts-utopic_1.16.0-1ubuntu1.2~trusty2_amd64.debLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xdmx-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xdmx-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xdmx-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xephyr-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xephyr-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xephyr-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xnest-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xnest-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xnest-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xorg-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xorg-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xorg-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xvfb-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xvfb-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-Xvfb-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-common-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-common-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-common-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-devel-1.15.0-26.el6_6.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-devel-1.15.0-26.el6_6.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-devel-1.15.0-33.el7_1.i686.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-devel-1.15.0-33.el7_1.x86_64.rpmLinux
(RHSA-2015:0797) Moderate: xorg-x11-server security update xorg-x11-server-source-1.15.0-26.el6_6.noarch.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) fltk-debugsource-1.3.2-10.2.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) libfltk1-1.3.2-10.2.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) libfltk1-debuginfo-1.3.2-10.2.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) tigervnc-1.4.1-32.1.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) tigervnc-debuginfo-1.4.1-32.1.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) tigervnc-debugsource-1.4.1-32.1.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) xorg-x11-Xvnc-1.4.1-32.1.x86_64.rpmLinux
SUSE-SU-2015:0939-1(SUSE Linux Enterprise Desktop 12 ) xorg-x11-Xvnc-debuginfo-1.4.1-32.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234