ID CVE-2015-3418
Summary The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
References
Vulnerable Configurations
  • X.Org xorg-server 1.16.3
    cpe:2.3:a:x.org:xorg-server:1.16.3
CVSS
Base: 5.0 (as of 15-12-2016 - 09:26)
Impact:
Exploitability:
CWE CWE-369
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-1025-1.NASL
    description This update for xorg-x11-server fixes a regression introduced with the fix for CVE-2014-8092: CVE-2015-3418: Xserver: PutImage crashes Server when called with 0 height. (bsc#928520) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 84116
    published 2015-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84116
    title SUSE SLED11 / SLES11 Security Update : xorg-x11-server (SUSE-SU-2015:1025-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201701-64.NASL
    description The remote host is affected by the vulnerability described in GLSA-201701-64 (X.Org X Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in X.Org X Server. Please review the CVE identifiers referenced below for details. Impact: An authenticated attacker could possibly cause a Denial of Service condition or read from or send information to arbitrary X11 clients. Workaround: There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-01-26
    plugin id 96786
    published 2017-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96786
    title GLSA-201701-64 : X.Org X Server: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-1127-1.NASL
    description The X Server was updated to fix 1 security issue and 4 bugs: Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 84396
    published 2015-06-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84396
    title SUSE SLED12 / SLES12 Security Update : xorg-x11-server (SUSE-SU-2015:1127-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-120.NASL
    description Andreas Cord-Landwehr reported an issue where the X.Org Xserver would often crash with an arithmetic exception when maximizing application windows. This issue (CVE-2015-3418) is a regression which got introduced by fixing CVE-2014-8092. The above referenced version of xorg-server in Debian squeeze-lts fixes this regression in the following way: The length checking code validates PutImage height and byte width by making sure that byte-width >= INT32_MAX / height. If height is zero, this generates a divide by zero exception. Allow zero height requests explicitly, bypassing the INT32_MAX check (in dix/dispatch.c). NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 82103
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82103
    title Debian DLA-120-2 : xorg-server regression update
redhat via4
advisories
bugzilla
id 1208094
title Xorg crashes with SIGFPE in ProcPutImage()
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment xorg-x11-server-Xdmx is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445013
      • comment xorg-x11-server-Xdmx is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376186
    • AND
      • comment xorg-x11-server-Xephyr is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445009
      • comment xorg-x11-server-Xephyr is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376190
    • AND
      • comment xorg-x11-server-Xnest is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445011
      • comment xorg-x11-server-Xnest is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376196
    • AND
      • comment xorg-x11-server-Xorg is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445017
      • comment xorg-x11-server-Xorg is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376194
    • AND
      • comment xorg-x11-server-Xvfb is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445007
      • comment xorg-x11-server-Xvfb is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376200
    • AND
      • comment xorg-x11-server-common is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445005
      • comment xorg-x11-server-common is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376192
    • AND
      • comment xorg-x11-server-devel is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445015
      • comment xorg-x11-server-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376198
    • AND
      • comment xorg-x11-server-source is earlier than 0:1.15.0-36.el6
        oval oval:com.redhat.rhba:tst:20151445019
      • comment xorg-x11-server-source is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20141376188
rhsa
released 2015-07-22
severity None
title RHBA-2015:1445: xorg-x11-server bug fix and enhancement update (None)
rpms
  • xorg-x11-server-Xdmx-0:1.15.0-36.el6
  • xorg-x11-server-Xephyr-0:1.15.0-36.el6
  • xorg-x11-server-Xnest-0:1.15.0-36.el6
  • xorg-x11-server-Xorg-0:1.15.0-36.el6
  • xorg-x11-server-Xvfb-0:1.15.0-36.el6
  • xorg-x11-server-common-0:1.15.0-36.el6
  • xorg-x11-server-devel-0:1.15.0-36.el6
  • xorg-x11-server-source-0:1.15.0-36.el6
refmap via4
bid 74328
confirm
gentoo GLSA-201701-64
mlist [xorg-announce] 20150210 xorg-server 1.16.4
Last major update 15-12-2016 - 10:12
Published 13-12-2016 - 11:59
Last modified 29-01-2018 - 21:29