#VU32228 Integer overflow in libxfixes


Published: 2016-12-13 | Updated: 2020-07-28

Vulnerability identifier: #VU32228

Vulnerability risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7944

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libxfixes
Other software / Other software solutions

Vendor: xorg.freedesktop.org

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libxfixes: 5.0.1 - 5.0.2

External links
http://www.openwall.com/lists/oss-security/2016/10/04/2
http://www.openwall.com/lists/oss-security/2016/10/04/4
http://www.securityfocus.com/bid/93361
http://www.securitytracker.com/id/1036945
http://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/
http://lists.x.org/archives/xorg-announce/2016-October/002720.html
http://security.gentoo.org/glsa/201704-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for libxfixes
Gentoo update for X.Org
Integer overflow in xorg.freedesktop libxfixes
Slackware Linux update for x11
Integer overflow in libxfixes (Alpine package)