[SECURITY] [DLA 120-2] xorg-server regression update

2015-05-0404:06:46

lists.debian.org

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.1%

JSON

Package : xorg-server
Version : 2:1.7.7-18+deb6u3
CVE ID : CVE-2015-3418
Debian Bug : #774308

Andreas Cord-Landwehr reported an issue where the X.Org Xserver would
often crash with an arithmetic exception when maximizing application
windows.

This issue (CVE-2015-3418) is a regression which got introduced by fixing
CVE-2014-8092. The above referenced version of xorg-server in Debian
squeeze-lts fixes this regression in the following way:

The length checking code validates PutImage height and byte width by
making sure that byte-width >= INT32_MAX / height. If height is zero,
this generates a divide by zero exception. Allow zero height requests
explicitly, bypassing the INT32_MAX check (in dix/dispatch.c).

–

mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: [email protected], http://sunweavers.net

Attachment:
signature.asc
Description: Digital signature

OSVersionArchitecturePackageVersionFilename
Debian7s390xserver-xephyr< 2:1.12.4-6+deb7u6xserver-xephyr_2:1.12.4-6+deb7u6_s390.deb
Debian7s390xserver-xorg-core-udeb< 2:1.12.4-6+deb7u6xserver-xorg-core-udeb_2:1.12.4-6+deb7u6_s390.deb
Debian7kfreebsd-i386xserver-xephyr< 2:1.12.4-6+deb7u6xserver-xephyr_2:1.12.4-6+deb7u6_kfreebsd-i386.deb
Debian7sparcxnest< 2:1.12.4-6+deb7u6xnest_2:1.12.4-6+deb7u6_sparc.deb
Debian7s390xvfb< 2:1.12.4-6+deb7u6xvfb_2:1.12.4-6+deb7u6_s390.deb
Debian7sparcxserver-xorg-core< 2:1.12.4-6+deb7u6xserver-xorg-core_2:1.12.4-6+deb7u6_sparc.deb
Debian6i386xserver-xorg-core-udeb< 2:1.7.7-18+deb6u3xserver-xorg-core-udeb_2:1.7.7-18+deb6u3_i386.deb
Debian7armelxserver-xorg-dev< 2:1.12.4-6+deb7u6xserver-xorg-dev_2:1.12.4-6+deb7u6_armel.deb
Debian7armhfxserver-xorg-dev< 2:1.12.4-6+deb7u6xserver-xorg-dev_2:1.12.4-6+deb7u6_armhf.deb
Debian7mipselxdmx< 2:1.12.4-6+deb7u6xdmx_2:1.12.4-6+deb7u6_mipsel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	s390	xserver-xephyr	< 2:1.12.4-6+deb7u6	xserver-xephyr_2:1.12.4-6+deb7u6_s390.deb
Debian	7	s390	xserver-xorg-core-udeb	< 2:1.12.4-6+deb7u6	xserver-xorg-core-udeb_2:1.12.4-6+deb7u6_s390.deb
Debian	7	kfreebsd-i386	xserver-xephyr	< 2:1.12.4-6+deb7u6	xserver-xephyr_2:1.12.4-6+deb7u6_kfreebsd-i386.deb
Debian	7	sparc	xnest	< 2:1.12.4-6+deb7u6	xnest_2:1.12.4-6+deb7u6_sparc.deb
Debian	7	s390	xvfb	< 2:1.12.4-6+deb7u6	xvfb_2:1.12.4-6+deb7u6_s390.deb
Debian	7	sparc	xserver-xorg-core	< 2:1.12.4-6+deb7u6	xserver-xorg-core_2:1.12.4-6+deb7u6_sparc.deb
Debian	6	i386	xserver-xorg-core-udeb	< 2:1.7.7-18+deb6u3	xserver-xorg-core-udeb_2:1.7.7-18+deb6u3_i386.deb
Debian	7	armel	xserver-xorg-dev	< 2:1.12.4-6+deb7u6	xserver-xorg-dev_2:1.12.4-6+deb7u6_armel.deb
Debian	7	armhf	xserver-xorg-dev	< 2:1.12.4-6+deb7u6	xserver-xorg-dev_2:1.12.4-6+deb7u6_armhf.deb
Debian	7	mipsel	xdmx	< 2:1.12.4-6+deb7u6	xdmx_2:1.12.4-6+deb7u6_mipsel.deb