ID CVE-2017-2626
Summary It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
References
Vulnerable Configurations
  • cpe:2.3:a:freedesktop:libice:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:libice:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:libice:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 12-02-2023 - 23:29)
Impact:
Exploitability:
CWE CWE-331
CAPEC
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
bugzilla
id 1445423
title blue shadows on ppc64 and s390x
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment xorg-x11-proto-devel is earlier than 0:7.7-20.el7
          oval oval:com.redhat.rhsa:tst:20171865001
        • comment xorg-x11-proto-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436068
      • AND
        • comment libXfont2 is earlier than 0:2.0.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865003
        • comment libXfont2 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865004
      • AND
        • comment libXfont2-devel is earlier than 0:2.0.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865005
        • comment libXfont2-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865006
      • AND
        • comment libxkbcommon is earlier than 0:0.7.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865007
        • comment libxkbcommon is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865008
      • AND
        • comment libxkbcommon-devel is earlier than 0:0.7.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865009
        • comment libxkbcommon-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865010
      • AND
        • comment libxkbcommon-x11 is earlier than 0:0.7.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865011
        • comment libxkbcommon-x11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865012
      • AND
        • comment libxkbcommon-x11-devel is earlier than 0:0.7.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865013
        • comment libxkbcommon-x11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865014
      • AND
        • comment drm-utils is earlier than 0:2.4.74-1.el7
          oval oval:com.redhat.rhsa:tst:20171865015
        • comment drm-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865016
      • AND
        • comment libdrm is earlier than 0:2.4.74-1.el7
          oval oval:com.redhat.rhsa:tst:20171865017
        • comment libdrm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376116
      • AND
        • comment libdrm-devel is earlier than 0:2.4.74-1.el7
          oval oval:com.redhat.rhsa:tst:20171865019
        • comment libdrm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376118
      • AND
        • comment libepoxy is earlier than 0:1.3.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865021
        • comment libepoxy is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865022
      • AND
        • comment libepoxy-devel is earlier than 0:1.3.1-1.el7
          oval oval:com.redhat.rhsa:tst:20171865023
        • comment libepoxy-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865024
      • AND
        • comment libevdev is earlier than 0:1.5.6-1.el7
          oval oval:com.redhat.rhsa:tst:20171865025
        • comment libevdev is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865026
      • AND
        • comment libevdev-devel is earlier than 0:1.5.6-1.el7
          oval oval:com.redhat.rhsa:tst:20171865027
        • comment libevdev-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865028
      • AND
        • comment libevdev-utils is earlier than 0:1.5.6-1.el7
          oval oval:com.redhat.rhsa:tst:20171865029
        • comment libevdev-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865030
      • AND
        • comment xcb-proto is earlier than 0:1.12-2.el7
          oval oval:com.redhat.rhsa:tst:20171865031
        • comment xcb-proto is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436072
      • AND
        • comment libxcb is earlier than 0:1.12-1.el7
          oval oval:com.redhat.rhsa:tst:20171865033
        • comment libxcb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436078
      • AND
        • comment libxcb-devel is earlier than 0:1.12-1.el7
          oval oval:com.redhat.rhsa:tst:20171865035
        • comment libxcb-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436080
      • AND
        • comment libxcb-doc is earlier than 0:1.12-1.el7
          oval oval:com.redhat.rhsa:tst:20171865037
        • comment libxcb-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436082
      • AND
        • comment libXrandr is earlier than 0:1.5.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865039
        • comment libXrandr is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436022
      • AND
        • comment libXrandr-devel is earlier than 0:1.5.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865041
        • comment libXrandr-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436024
      • AND
        • comment libXfixes is earlier than 0:5.0.3-1.el7
          oval oval:com.redhat.rhsa:tst:20171865043
        • comment libXfixes is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436010
      • AND
        • comment libXfixes-devel is earlier than 0:5.0.3-1.el7
          oval oval:com.redhat.rhsa:tst:20171865045
        • comment libXfixes-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436012
      • AND
        • comment libXi is earlier than 0:1.7.9-1.el7
          oval oval:com.redhat.rhsa:tst:20171865047
        • comment libXi is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436086
      • AND
        • comment libXi-devel is earlier than 0:1.7.9-1.el7
          oval oval:com.redhat.rhsa:tst:20171865049
        • comment libXi-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436088
      • AND
        • comment libXtst is earlier than 0:1.2.3-1.el7
          oval oval:com.redhat.rhsa:tst:20171865051
        • comment libXtst is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436038
      • AND
        • comment libXtst-devel is earlier than 0:1.2.3-1.el7
          oval oval:com.redhat.rhsa:tst:20171865053
        • comment libXtst-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436040
      • AND
        • comment libXrender is earlier than 0:0.9.10-1.el7
          oval oval:com.redhat.rhsa:tst:20171865055
        • comment libXrender is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436026
      • AND
        • comment libXrender-devel is earlier than 0:0.9.10-1.el7
          oval oval:com.redhat.rhsa:tst:20171865057
        • comment libXrender-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436028
      • AND
        • comment libXt is earlier than 0:1.1.5-3.el7
          oval oval:com.redhat.rhsa:tst:20171865059
        • comment libXt is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436034
      • AND
        • comment libXt-devel is earlier than 0:1.1.5-3.el7
          oval oval:com.redhat.rhsa:tst:20171865061
        • comment libXt-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436036
      • AND
        • comment libXpm is earlier than 0:3.5.12-1.el7
          oval oval:com.redhat.rhsa:tst:20171865063
        • comment libXpm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865064
      • AND
        • comment libXpm-devel is earlier than 0:3.5.12-1.el7
          oval oval:com.redhat.rhsa:tst:20171865065
        • comment libXpm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865066
      • AND
        • comment libXaw is earlier than 0:1.0.13-4.el7
          oval oval:com.redhat.rhsa:tst:20171865067
        • comment libXaw is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865068
      • AND
        • comment libXaw-devel is earlier than 0:1.0.13-4.el7
          oval oval:com.redhat.rhsa:tst:20171865069
        • comment libXaw-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865070
      • AND
        • comment libXv is earlier than 0:1.0.11-1.el7
          oval oval:com.redhat.rhsa:tst:20171865071
        • comment libXv is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436042
      • AND
        • comment libXv-devel is earlier than 0:1.0.11-1.el7
          oval oval:com.redhat.rhsa:tst:20171865073
        • comment libXv-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436044
      • AND
        • comment libXvMC is earlier than 0:1.0.10-1.el7
          oval oval:com.redhat.rhsa:tst:20171865075
        • comment libXvMC is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436050
      • AND
        • comment libXvMC-devel is earlier than 0:1.0.10-1.el7
          oval oval:com.redhat.rhsa:tst:20171865077
        • comment libXvMC-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436052
      • AND
        • comment libXxf86vm is earlier than 0:1.1.4-1.el7
          oval oval:com.redhat.rhsa:tst:20171865079
        • comment libXxf86vm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436058
      • AND
        • comment libXxf86vm-devel is earlier than 0:1.1.4-1.el7
          oval oval:com.redhat.rhsa:tst:20171865081
        • comment libXxf86vm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436060
      • AND
        • comment libxkbfile is earlier than 0:1.0.9-3.el7
          oval oval:com.redhat.rhsa:tst:20171865083
        • comment libxkbfile is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865084
      • AND
        • comment libxkbfile-devel is earlier than 0:1.0.9-3.el7
          oval oval:com.redhat.rhsa:tst:20171865085
        • comment libxkbfile-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865086
      • AND
        • comment libfontenc is earlier than 0:1.1.3-3.el7
          oval oval:com.redhat.rhsa:tst:20171865087
        • comment libfontenc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865088
      • AND
        • comment libfontenc-devel is earlier than 0:1.1.3-3.el7
          oval oval:com.redhat.rhsa:tst:20171865089
        • comment libfontenc-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865090
      • AND
        • comment libXfont is earlier than 0:1.5.2-1.el7
          oval oval:com.redhat.rhsa:tst:20171865091
        • comment libXfont is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111154002
      • AND
        • comment libXfont-devel is earlier than 0:1.5.2-1.el7
          oval oval:com.redhat.rhsa:tst:20171865093
        • comment libXfont-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111154004
      • AND
        • comment xkeyboard-config is earlier than 0:2.20-1.el7
          oval oval:com.redhat.rhsa:tst:20171865095
        • comment xkeyboard-config is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436074
      • AND
        • comment xkeyboard-config-devel is earlier than 0:2.20-1.el7
          oval oval:com.redhat.rhsa:tst:20171865097
        • comment xkeyboard-config-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436076
      • AND
        • comment libvdpau is earlier than 0:1.1.1-3.el7
          oval oval:com.redhat.rhsa:tst:20171865099
        • comment libvdpau is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865100
      • AND
        • comment libvdpau-devel is earlier than 0:1.1.1-3.el7
          oval oval:com.redhat.rhsa:tst:20171865101
        • comment libvdpau-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865102
      • AND
        • comment libvdpau-docs is earlier than 0:1.1.1-3.el7
          oval oval:com.redhat.rhsa:tst:20171865103
        • comment libvdpau-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865104
      • AND
        • comment libXcursor is earlier than 0:1.1.14-8.el7
          oval oval:com.redhat.rhsa:tst:20171865105
        • comment libXcursor is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436002
      • AND
        • comment libXcursor-devel is earlier than 0:1.1.14-8.el7
          oval oval:com.redhat.rhsa:tst:20171865107
        • comment libXcursor-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436004
      • AND
        • comment libwacom is earlier than 0:0.24-1.el7
          oval oval:com.redhat.rhsa:tst:20171865109
        • comment libwacom is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376048
      • AND
        • comment libwacom-data is earlier than 0:0.24-1.el7
          oval oval:com.redhat.rhsa:tst:20171865111
        • comment libwacom-data is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376050
      • AND
        • comment libwacom-devel is earlier than 0:0.24-1.el7
          oval oval:com.redhat.rhsa:tst:20171865113
        • comment libwacom-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376052
      • AND
        • comment libinput is earlier than 0:1.6.3-2.el7
          oval oval:com.redhat.rhsa:tst:20171865115
        • comment libinput is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865116
      • AND
        • comment libinput-devel is earlier than 0:1.6.3-2.el7
          oval oval:com.redhat.rhsa:tst:20171865117
        • comment libinput-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865118
      • AND
        • comment vulkan is earlier than 0:1.0.39.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865119
        • comment vulkan is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865120
      • AND
        • comment vulkan-devel is earlier than 0:1.0.39.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865121
        • comment vulkan-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865122
      • AND
        • comment vulkan-filesystem is earlier than 0:1.0.39.1-2.el7
          oval oval:com.redhat.rhsa:tst:20171865123
        • comment vulkan-filesystem is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865124
      • AND
        • comment mesa-private-llvm is earlier than 0:3.9.1-3.el7
          oval oval:com.redhat.rhsa:tst:20171865125
        • comment mesa-private-llvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376080
      • AND
        • comment mesa-private-llvm-devel is earlier than 0:3.9.1-3.el7
          oval oval:com.redhat.rhsa:tst:20171865127
        • comment mesa-private-llvm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376082
      • AND
        • comment libX11 is earlier than 0:1.6.5-1.el7
          oval oval:com.redhat.rhsa:tst:20171865129
        • comment libX11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436062
      • AND
        • comment libX11-common is earlier than 0:1.6.5-1.el7
          oval oval:com.redhat.rhsa:tst:20171865131
        • comment libX11-common is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436064
      • AND
        • comment libX11-devel is earlier than 0:1.6.5-1.el7
          oval oval:com.redhat.rhsa:tst:20171865133
        • comment libX11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141436066
      • AND
        • comment libXdmcp is earlier than 0:1.1.2-6.el7
          oval oval:com.redhat.rhsa:tst:20171865135
        • comment libXdmcp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865136
      • AND
        • comment libXdmcp-devel is earlier than 0:1.1.2-6.el7
          oval oval:com.redhat.rhsa:tst:20171865137
        • comment libXdmcp-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865138
      • AND
        • comment libICE is earlier than 0:1.0.9-9.el7
          oval oval:com.redhat.rhsa:tst:20171865139
        • comment libICE is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865140
      • AND
        • comment libICE-devel is earlier than 0:1.0.9-9.el7
          oval oval:com.redhat.rhsa:tst:20171865141
        • comment libICE-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865142
      • AND
        • comment mesa-dri-drivers is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865143
        • comment mesa-dri-drivers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376128
      • AND
        • comment mesa-filesystem is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865145
        • comment mesa-filesystem is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865146
      • AND
        • comment mesa-libEGL is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865147
        • comment mesa-libEGL is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376132
      • AND
        • comment mesa-libEGL-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865149
        • comment mesa-libEGL-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376134
      • AND
        • comment mesa-libGL is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865151
        • comment mesa-libGL is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376136
      • AND
        • comment mesa-libGL-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865153
        • comment mesa-libGL-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376138
      • AND
        • comment mesa-libGLES is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865155
        • comment mesa-libGLES is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865156
      • AND
        • comment mesa-libGLES-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865157
        • comment mesa-libGLES-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865158
      • AND
        • comment mesa-libOSMesa is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865159
        • comment mesa-libOSMesa is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376144
      • AND
        • comment mesa-libOSMesa-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865161
        • comment mesa-libOSMesa-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376146
      • AND
        • comment mesa-libgbm is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865163
        • comment mesa-libgbm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376148
      • AND
        • comment mesa-libgbm-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865165
        • comment mesa-libgbm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20141376150
      • AND
        • comment mesa-libglapi is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865167
        • comment mesa-libglapi is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865168
      • AND
        • comment mesa-libxatracker is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865169
        • comment mesa-libxatracker is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865170
      • AND
        • comment mesa-libxatracker-devel is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865171
        • comment mesa-libxatracker-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865172
      • AND
        • comment mesa-vulkan-drivers is earlier than 0:17.0.1-6.20170307.el7
          oval oval:com.redhat.rhsa:tst:20171865173
        • comment mesa-vulkan-drivers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20171865174
rhsa
id RHSA-2017:1865
released 2017-08-01
severity Moderate
title RHSA-2017:1865: X.org X11 libraries security, bug fix and enhancement update (Moderate)
rpms
  • drm-utils-0:2.4.74-1.el7
  • libICE-0:1.0.9-9.el7
  • libICE-debuginfo-0:1.0.9-9.el7
  • libICE-devel-0:1.0.9-9.el7
  • libX11-0:1.6.5-1.el7
  • libX11-common-0:1.6.5-1.el7
  • libX11-debuginfo-0:1.6.5-1.el7
  • libX11-devel-0:1.6.5-1.el7
  • libXaw-0:1.0.13-4.el7
  • libXaw-debuginfo-0:1.0.13-4.el7
  • libXaw-devel-0:1.0.13-4.el7
  • libXcursor-0:1.1.14-8.el7
  • libXcursor-debuginfo-0:1.1.14-8.el7
  • libXcursor-devel-0:1.1.14-8.el7
  • libXdmcp-0:1.1.2-6.el7
  • libXdmcp-debuginfo-0:1.1.2-6.el7
  • libXdmcp-devel-0:1.1.2-6.el7
  • libXfixes-0:5.0.3-1.el7
  • libXfixes-debuginfo-0:5.0.3-1.el7
  • libXfixes-devel-0:5.0.3-1.el7
  • libXfont-0:1.5.2-1.el7
  • libXfont-debuginfo-0:1.5.2-1.el7
  • libXfont-devel-0:1.5.2-1.el7
  • libXfont2-0:2.0.1-2.el7
  • libXfont2-debuginfo-0:2.0.1-2.el7
  • libXfont2-devel-0:2.0.1-2.el7
  • libXi-0:1.7.9-1.el7
  • libXi-debuginfo-0:1.7.9-1.el7
  • libXi-devel-0:1.7.9-1.el7
  • libXpm-0:3.5.12-1.el7
  • libXpm-debuginfo-0:3.5.12-1.el7
  • libXpm-devel-0:3.5.12-1.el7
  • libXrandr-0:1.5.1-2.el7
  • libXrandr-debuginfo-0:1.5.1-2.el7
  • libXrandr-devel-0:1.5.1-2.el7
  • libXrender-0:0.9.10-1.el7
  • libXrender-debuginfo-0:0.9.10-1.el7
  • libXrender-devel-0:0.9.10-1.el7
  • libXt-0:1.1.5-3.el7
  • libXt-debuginfo-0:1.1.5-3.el7
  • libXt-devel-0:1.1.5-3.el7
  • libXtst-0:1.2.3-1.el7
  • libXtst-debuginfo-0:1.2.3-1.el7
  • libXtst-devel-0:1.2.3-1.el7
  • libXv-0:1.0.11-1.el7
  • libXv-debuginfo-0:1.0.11-1.el7
  • libXv-devel-0:1.0.11-1.el7
  • libXvMC-0:1.0.10-1.el7
  • libXvMC-debuginfo-0:1.0.10-1.el7
  • libXvMC-devel-0:1.0.10-1.el7
  • libXxf86vm-0:1.1.4-1.el7
  • libXxf86vm-debuginfo-0:1.1.4-1.el7
  • libXxf86vm-devel-0:1.1.4-1.el7
  • libdrm-0:2.4.74-1.el7
  • libdrm-debuginfo-0:2.4.74-1.el7
  • libdrm-devel-0:2.4.74-1.el7
  • libepoxy-0:1.3.1-1.el7
  • libepoxy-debuginfo-0:1.3.1-1.el7
  • libepoxy-devel-0:1.3.1-1.el7
  • libevdev-0:1.5.6-1.el7
  • libevdev-debuginfo-0:1.5.6-1.el7
  • libevdev-devel-0:1.5.6-1.el7
  • libevdev-utils-0:1.5.6-1.el7
  • libfontenc-0:1.1.3-3.el7
  • libfontenc-debuginfo-0:1.1.3-3.el7
  • libfontenc-devel-0:1.1.3-3.el7
  • libinput-0:1.6.3-2.el7
  • libinput-debuginfo-0:1.6.3-2.el7
  • libinput-devel-0:1.6.3-2.el7
  • libvdpau-0:1.1.1-3.el7
  • libvdpau-debuginfo-0:1.1.1-3.el7
  • libvdpau-devel-0:1.1.1-3.el7
  • libvdpau-docs-0:1.1.1-3.el7
  • libwacom-0:0.24-1.el7
  • libwacom-data-0:0.24-1.el7
  • libwacom-debuginfo-0:0.24-1.el7
  • libwacom-devel-0:0.24-1.el7
  • libxcb-0:1.12-1.el7
  • libxcb-debuginfo-0:1.12-1.el7
  • libxcb-devel-0:1.12-1.el7
  • libxcb-doc-0:1.12-1.el7
  • libxkbcommon-0:0.7.1-1.el7
  • libxkbcommon-debuginfo-0:0.7.1-1.el7
  • libxkbcommon-devel-0:0.7.1-1.el7
  • libxkbcommon-x11-0:0.7.1-1.el7
  • libxkbcommon-x11-devel-0:0.7.1-1.el7
  • libxkbfile-0:1.0.9-3.el7
  • libxkbfile-debuginfo-0:1.0.9-3.el7
  • libxkbfile-devel-0:1.0.9-3.el7
  • mesa-debuginfo-0:17.0.1-6.20170307.el7
  • mesa-dri-drivers-0:17.0.1-6.20170307.el7
  • mesa-filesystem-0:17.0.1-6.20170307.el7
  • mesa-libEGL-0:17.0.1-6.20170307.el7
  • mesa-libEGL-devel-0:17.0.1-6.20170307.el7
  • mesa-libGL-0:17.0.1-6.20170307.el7
  • mesa-libGL-devel-0:17.0.1-6.20170307.el7
  • mesa-libGLES-0:17.0.1-6.20170307.el7
  • mesa-libGLES-devel-0:17.0.1-6.20170307.el7
  • mesa-libOSMesa-0:17.0.1-6.20170307.el7
  • mesa-libOSMesa-devel-0:17.0.1-6.20170307.el7
  • mesa-libgbm-0:17.0.1-6.20170307.el7
  • mesa-libgbm-devel-0:17.0.1-6.20170307.el7
  • mesa-libglapi-0:17.0.1-6.20170307.el7
  • mesa-libxatracker-0:17.0.1-6.20170307.el7
  • mesa-libxatracker-devel-0:17.0.1-6.20170307.el7
  • mesa-private-llvm-0:3.9.1-3.el7
  • mesa-private-llvm-debuginfo-0:3.9.1-3.el7
  • mesa-private-llvm-devel-0:3.9.1-3.el7
  • mesa-vulkan-drivers-0:17.0.1-6.20170307.el7
  • vulkan-0:1.0.39.1-2.el7
  • vulkan-debuginfo-0:1.0.39.1-2.el7
  • vulkan-devel-0:1.0.39.1-2.el7
  • vulkan-filesystem-0:1.0.39.1-2.el7
  • xcb-proto-0:1.12-2.el7
  • xkeyboard-config-0:2.20-1.el7
  • xkeyboard-config-devel-0:2.20-1.el7
  • xorg-x11-proto-devel-0:7.7-20.el7
refmap via4
bid 96480
confirm
gentoo GLSA-201704-03
misc https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
mlist
  • [debian-lts-announce] 20191123 [SECURITY] [DLA 2002-1] libice security update
  • [oss-security] 20190714 Fwd: [ANNOUNCE] libICE 1.0.10
sectrack 1037919
Last major update 12-02-2023 - 23:29
Published 27-07-2018 - 19:29
Last modified 12-02-2023 - 23:29
Back to Top