Vulnerability CVE-2016-7951: Information

Description

Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-7951
Published: Dec. 13, 2016
Modified: Nov. 7, 2023
Error type identifier: CWE-125CWE-190

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libXtstsisyphus1.2.3-alt11.2.4-alt1ALT-PU-2020-3326-1261890Fixed
libXtstp101.2.3-alt11.2.3-alt1ALT-PU-2020-3326-1261890Fixed
libXtstp91.2.3-alt11.2.3-alt1ALT-PU-2020-3399-1261891Fixed
libXtstc10f11.2.3-alt11.2.3-alt1ALT-PU-2020-3326-1261890Fixed
libXtstc9f21.2.3-alt11.2.3-alt1ALT-PU-2020-3330-1261908Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
1036945
    FEDORA-2016-c1d4b1df79
      https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
        [xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
          [oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
            FEDORA-2016-e6ba110670
              [oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries
                93370

                    1. Configuration 1

                      cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
                      cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*

                      Configuration 2

                      cpe:2.3:a:x:libxtst:*:*:*:*:*:*:*:*
                      End including
                      1.2.2
                  VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                  Version: v24.5.0
                  Back to top