The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability announcement for X.Org: multiple vulnerabilities - CVE-2016-5407 CVE-2016-7942 CVE-2016-7943

Summary of the vulnerability

An attacker can use several vulnerabilities of X.Org.
Severity of this threat: 2/4.
Number of vulnerabilities in this bulletin: 13.
Creation date: 05/10/2016.
References for this vulnerability: bulletinoct2016, CVE-2016-5407, CVE-2016-7942, CVE-2016-7943, CVE-2016-7944, CVE-2016-7945, CVE-2016-7946, CVE-2016-7947, CVE-2016-7948, CVE-2016-7949, CVE-2016-7950, CVE-2016-7951, CVE-2016-7952, CVE-2016-7953, DLA-654-1, DLA-660-1, DLA-664-1, DLA-667-1, DLA-671-1, DLA-684-1, DLA-684-2, DLA-685-1, DLA-685-2, DLA-686-1, FEDORA-2016-0e7694c456, FEDORA-2016-21f0de504c, FEDORA-2016-3b41a9eaa8, FEDORA-2016-49d560da23, FEDORA-2016-5aa206bd16, FEDORA-2016-83040426d6, FEDORA-2016-8877cf648b, FEDORA-2016-a236cb3315, FEDORA-2016-b26b497381, FEDORA-2016-c1d4b1df79, FEDORA-2016-cabb6d7ef7, FEDORA-2016-d045c2c7b3, FEDORA-2016-d286ffb801, FEDORA-2016-ff5a2f4839, openSUSE-SU-2016:2600-1, openSUSE-SU-2016:3031-1, openSUSE-SU-2016:3033-1, openSUSE-SU-2016:3034-1, openSUSE-SU-2016:3036-1, openSUSE-SU-2016:3037-1, openSUSE-SU-2016:3059-1, SSA:2016-305-02, USN-3758-1, USN-3758-2, VIGILANCE-VUL-20768.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in X.Org libraries.

An attacker can force a read at an invalid address via libX11 XGetImage(), in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7942]

An attacker can force a read at an invalid address via libX11 XListFonts(), in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7943]

An attacker can generate an integer overflow via libXfixes, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7944]

An attacker can force a read at an invalid address via libXi, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7945]

An attacker can generate an infinite loop via libXi, in order to trigger a denial of service. [severity:1/4; CVE-2016-7946]

An attacker can generate an integer overflow via libXrandr, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7947]

An attacker can trigger a fatal error via libXrandr, in order to trigger a denial of service. [severity:1/4; CVE-2016-7948]

An attacker can generate a buffer overflow via libXrender, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7949]

An attacker can generate a buffer overflow via libXrender XRenderQueryFilters, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-7950]

An attacker can force a read at an invalid address via libXtst XRecord, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7951]

An attacker can generate an infinite loop via libXtst XRecord, in order to trigger a denial of service. [severity:1/4; CVE-2016-7952]

An attacker can generate a memory corruption via libXv, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-5407]

An attacker can force a read at an invalid address via libXvMC, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-7953]

This vulnerability alert impacts software or systems such as Debian, Fedora, OpenBSD, openSUSE, openSUSE Leap, Solaris, Slackware, Ubuntu, XOrg Bundle ~ not comprehensive, libX11.

Our Vigil@nce team rated the severity of this vulnerability alert as medium.

The trust level is "confirmed by the editor", and the attack origin is "intranet server".

This bulletin is about 13 vulnerabilities.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat

X.Org: fixed versions.
The following versions are fixed:
  libX11 1.6.4
  libXfixes 5.0.3
  libXi 1.7.7
  libXrandr 1.5.1
  libXrender 0.9.10
  libXtst 1.2.3
  libXv 1.0.11
  libXvMC 1.0.10
https://xorg.freedesktop.org/archive/individual/lib/
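A defender's check derived from the fixed-version list above, added here as an example (it is not Vigil@nce or X.Org code): it compares the upstream library versions that pkg-config reports against the bulletin's fixed versions. The pkg-config module names used for each library are an assumption of the example.

```python
import re
import shutil
import subprocess
# Fixed upstream versions from this bulletin, keyed by the pkg-config module
# name each library ships (this mapping is an assumption of the example).
FIXED_VERSIONS = {
    "x11": "1.6.4",       # libX11     (CVE-2016-7942, CVE-2016-7943)
    "xfixes": "5.0.3",    # libXfixes  (CVE-2016-7944)
    "xi": "1.7.7",        # libXi      (CVE-2016-7945, CVE-2016-7946)
    "xrandr": "1.5.1",    # libXrandr  (CVE-2016-7947, CVE-2016-7948)
    "xrender": "0.9.10",  # libXrender (CVE-2016-7949, CVE-2016-7950)
    "xtst": "1.2.3",      # libXtst    (CVE-2016-7951, CVE-2016-7952)
    "xv": "1.0.11",       # libXv      (CVE-2016-5407)
    "xvmc": "1.0.10",     # libXvMC    (CVE-2016-7953)
}

def parse_version(text):
    """'0.9.10' -> (0, 9, 10): numeric tuples compare correctly where a
    string comparison would rank 0.9.8 above 0.9.10."""
    return tuple(int(part) for part in re.findall(r"\d+", text))

def is_fixed(module, installed):
    """True when an upstream version is at or above the fixed one. Only valid
    for upstream numbers (what pkg-config reports): distro packages such as
    Debian 7's libx11 2:1.5.0-1+deb7u4 backport the fix under an older number."""
    return parse_version(installed) >= parse_version(FIXED_VERSIONS[module])

def audit(versions):
    """Map each bulletin module to 'fixed', 'vulnerable' or 'absent'."""
    report = {}
    for module in FIXED_VERSIONS:
        installed = versions.get(module)
        report[module] = ("absent" if installed is None else
                          "fixed" if is_fixed(module, installed) else "vulnerable")
    return report

def installed_versions():
    """Ask pkg-config for each module's version; None when not installed."""
    if shutil.which("pkg-config") is None:
        return {}
    found = {}
    for module in FIXED_VERSIONS:
        proc = subprocess.run(["pkg-config", "--modversion", module],
                              capture_output=True, text=True)
        found[module] = proc.stdout.strip() if proc.returncode == 0 else None
    return found

if __name__ == "__main__":
    print(audit(installed_versions()))
```

For distribution packages (Debian, Ubuntu, openSUSE), compare the package version against the distro lines below instead, since their backported fixes keep older upstream numbers.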

Debian 7: new libx11 packages.
New packages are available:
  Debian 7: libx11 2:1.5.0-1+deb7u4

Debian 7: new libxi packages.
New packages are available:
  Debian 7: libxi 2:1.6.1-1+deb7u3

Debian 7: new libxrandr packages.
New packages are available:
  Debian 7: libxrandr 2:1.3.2-2+deb7u2

Debian 7: new libxrender packages.
New packages are available:
  Debian 7: libxrender 1:0.9.7-1+deb7u3

Debian 7: new libxtst packages.
New packages are available:
  Debian 7: libxtst 2:1.2.1-1+deb7u2

Debian 7: new libxvmc packages.
New packages are available:
  Debian 7: libxvmc 2:1.0.7-1+deb7u3

Debian 7: new libxv packages.
New packages are available:
  Debian 7: libxv 2:1.0.7-1+deb7u2

Debian 8: new libxfixes packages.
New packages are available:
  Debian 7: libxfixes 1:5.0-4+deb7u2

Fedora: new libX packages.
New packages are available:
  Fedora 23: libXi 1.7.8-2.fc23, libXfixes 5.0.3-1.fc23, libXrender 0.9.10-1.fc23, libXrandr 1.5.1-1.fc23, libXtst 1.2.3-1.fc23, libXv 1.0.11-1.fc23, libXvMC 1.0.10-1.fc23
  Fedora 24: libXi 1.7.7-1.fc24, libXfixes 5.0.3-1.fc24, libXrandr 1.5.1-1.fc24, libXrender 0.9.10-1.fc24, libXtst 1.2.3-1.fc24, libXv 1.0.11-1.fc24, libXvMC 1.0.10-1.fc24

OpenBSD: patch for X.
A patch is available:
  http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/029_xorg_libs.patch.sig
  http://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/011_xorg_libs.patch.sig

openSUSE 13.2: new libXfixes packages.
New packages are available:
  openSUSE 13.2: libXfixes 5.0.1-4.3.1

openSUSE 13.2: new libXrender packages.
New packages are available:
  openSUSE 13.2: libXrender 0.9.8-4.3.1

openSUSE 13.2: new libXtst packages.
New packages are available:
  openSUSE 13.2: libXtst 1.2.2-4.3.1

openSUSE 13.2: new libXvMC packages.
New packages are available:
  openSUSE 13.2: libXvMC 1.0.8-4.3.1

openSUSE 13.2: new libXv packages.
New packages are available:
  openSUSE 13.2: libXv 1.0.10-4.3.1

openSUSE Leap 42.1: new libX11 packages.
New packages are available:
  openSUSE Leap 42.1: libX11 6-1.6.3-6.1

openSUSE: new libX11 packages.
New packages are available:
  openSUSE 13.2: libX11 1.6.2-5.6.1
  openSUSE Leap 42.1: libX11 1.6.3-9.1
  openSUSE Leap 42.2: libXrandr 1.5.0-5.1

Slackware: new x11 packages.
New packages are available, as indicated in information sources.

Solaris: patch for third party software of October 2016 v4.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

Ubuntu: new libx11 packages.
New packages are available:
  Ubuntu 18.04 LTS: libx11 2:1.6.4-3ubuntu0.1
  Ubuntu 16.04 LTS: libx11 2:1.6.3-1ubuntu2.1
  Ubuntu 14.04 LTS: libx11 2:1.6.2-1ubuntu2.1
  Ubuntu 12.04 ESM: libx11 2:1.4.99.1-0ubuntu2.4
