7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.7%
libXpm is a pixmap manipulation library for the X Window System, included in X.org.
Chris Gilbert has discovered potentially exploitable buffer overflow cases in libXpm that weren’t fixed in previous libXpm versions.
A carefully-crafted XPM file could crash X.org, potentially allowing the execution of arbitrary code with the privileges of the user running the application.
There is no known workaround at this time.
All X.org users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose x11-base/xorg-x11
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | x11-base/xorg-x11 | < 6.8.2-r1 | UNKNOWN |