Lucene search

K
mageiaGentoo FoundationMGASA-2015-0316
HistoryAug 21, 2015 - 9:54 p.m.

Updated x11-server packages fix security vulnerability

2015-08-2121:54:52
Gentoo Foundation
advisories.mageia.org
5

3.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket (CVE-2015-3164).

OSVersionArchitecturePackageVersionFilename
Mageia5noarchx11-server< 1.16.4-2.1x11-server-1.16.4-2.1.mga5

3.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%