CVE-2017-16611
Description
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.056
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| X11 font rasterisation library (USN-3500-1) libxfont1_1.4.7-1ubuntu0.4_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.4.7-1ubuntu0.4_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.2-4ubuntu0.2_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.2-4ubuntu0.2_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.2-4ubuntu1.1_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.2-4ubuntu1.1_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.1-1ubuntu0.16.04.4_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont1_1.5.1-1ubuntu0.16.04.4_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3ubuntu0.2_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3ubuntu0.2_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3ubuntu1.1_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3ubuntu1.1_amd64.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3~ubuntu16.04.3_i386.deb | Linux |
| X11 font rasterisation library (USN-3500-1) libxfont2_2.0.1-3~ubuntu16.04.3_amd64.deb | Linux |
| Improper Link Resolution Before File Access (Link Following) Vulnerability (CVE-2017-16611) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234