6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.079 Low
EPSS
Percentile
93.3%
X.Org is an open source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.
A buffer over-read flaw was found in the way the X.Org server handled
XkbGetGeometry requests. A malicious, authorized client could use this flaw
to disclose portions of the X.Org server memory, or cause the X.Org server
to crash using a specially crafted XkbGetGeometry request. (CVE-2015-0255)
This issue was discovered by Olivier Fourdan of Red Hat.
All xorg-x11-server users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue.