Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-12176
Vulnerability from cvelistv5
Published
2018-01-24 15:00
Modified
2024-09-16 17:43
Severity ?
EPSS score ?
Summary
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The X.Org Foundation | xorg-x11-server |
Version: before 1.19.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:28:16.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2017/dsa-4000", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { name: "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { name: "GLSA-201711-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201711-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "xorg-x11-server", vendor: "The X.Org Foundation", versions: [ { status: "affected", version: "before 1.19.5", }, ], }, ], datePublic: "2017-10-10T00:00:00", descriptions: [ { lang: "en", value: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-391", description: "CWE-391", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-02T10:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-4000", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2017/dsa-4000", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { name: "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { name: "GLSA-201711-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201711-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", DATE_PUBLIC: "2017-10-10T00:00:00", ID: "CVE-2017-12176", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "xorg-x11-server", version: { version_data: [ { version_value: "before 1.19.5", }, ], }, }, ], }, vendor_name: "The X.Org Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-391", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4000", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-4000", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { name: "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { name: "GLSA-201711-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201711-05", }, { name: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", refsource: "CONFIRM", url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-12176", datePublished: "2018-01-24T15:00:00Z", dateReserved: "2017-08-01T00:00:00", dateUpdated: "2024-09-16T17:43:41.126Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2017-12176\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-01-24T15:29:00.247\",\"lastModified\":\"2024-11-21T03:08:59.427\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"xorg-x11-server en versiones anteriores a la 1.19.5 no tenía una validación extra de longitud en la función ProcEstablishConnection, lo que permitía que atacantes remotos permitan que el cliente malicioso X provoque que el servidor X se cierre inesperadamente o que, posiblemente, ejecute código arbitrario.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-391\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.19.5\",\"matchCriteriaId\":\"D7F78F58-F48F-46EB-8765-2C40367BF8A1\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1509214\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-05\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-4000\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1509214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-4000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
suse-su-2017:3047-1
Vulnerability from csaf_suse
Published
2017-11-22 16:16
Modified
2017-11-22 16:16
Summary
Security update for xorg-x11-server
Notes
Title of the patch
Security update for xorg-x11-server
Description of the patch
This update for xorg-x11-server fixes several issues.
These security issues were fixed:
- CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm
could lead to shared memory segments of other users beeing freed
(bnc#1052984)
- CVE-2017-13723: A local denial of service via unusual characters in XkbAtomText and XkbStringText was fixed (bnc#1051150)
- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
unvalidated lengths in multiple extensions (bsc#1063034)
- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES
extension. (bsc#1063035)
- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
(bsc#1063037)
- CVE-2017-12179: Fixed an integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
- CVE-2017-12178: Fixed a wrong extra length check in
ProcXIChangeHierarchy in Xi (bsc#1063039)
- CVE-2017-12177: Fixed an unvalidated variable-length request in
ProcDbeGetVisualInfo (bsc#1063040)
- CVE-2017-12176: Fixed an unvalidated extra length in
ProcEstablishConnection (bsc#1063041)
These non-security issues were fixed:
- Make colormap/gamma glue code work with the RandR extension disabled. This prevents it
from crashing and showing wrong colors. (bsc#1061107)
- Recognize ssh as a remote client to fix launching applications remotely when using DRI3.
(bsc#1022727)
Patchnames
SUSE-SLE-DESKTOP-12-SP2-2017-1884,SUSE-SLE-DESKTOP-12-SP3-2017-1884,SUSE-SLE-RPI-12-SP2-2017-1884,SUSE-SLE-SDK-12-SP2-2017-1884,SUSE-SLE-SDK-12-SP3-2017-1884,SUSE-SLE-SERVER-12-SP2-2017-1884,SUSE-SLE-SERVER-12-SP3-2017-1884
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for xorg-x11-server", title: "Title of the patch", }, { category: "description", text: "\n\nThis update for xorg-x11-server fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm\n could lead to shared memory segments of other users beeing freed\n (bnc#1052984)\n- CVE-2017-13723: A local denial of service via unusual characters in XkbAtomText and XkbStringText was fixed (bnc#1051150)\n- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed\n unvalidated lengths in multiple extensions (bsc#1063034)\n- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES\n extension. (bsc#1063035)\n- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated\n lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions\n (bsc#1063037)\n- CVE-2017-12179: Fixed an integer overflow and unvalidated length in\n (S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)\n- CVE-2017-12178: Fixed a wrong extra length check in\n ProcXIChangeHierarchy in Xi (bsc#1063039)\n- CVE-2017-12177: Fixed an unvalidated variable-length request in\n ProcDbeGetVisualInfo (bsc#1063040)\n- CVE-2017-12176: Fixed an unvalidated extra length in\n ProcEstablishConnection (bsc#1063041)\n\n\nThese non-security issues were fixed:\n\n- Make colormap/gamma glue code work with the RandR extension disabled. This prevents it\n from crashing and showing wrong colors. (bsc#1061107)\n- Recognize ssh as a remote client to fix launching applications remotely when using DRI3.\n (bsc#1022727)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-DESKTOP-12-SP2-2017-1884,SUSE-SLE-DESKTOP-12-SP3-2017-1884,SUSE-SLE-RPI-12-SP2-2017-1884,SUSE-SLE-SDK-12-SP2-2017-1884,SUSE-SLE-SDK-12-SP3-2017-1884,SUSE-SLE-SERVER-12-SP2-2017-1884,SUSE-SLE-SERVER-12-SP3-2017-1884", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3047-1.json", }, { category: "self", summary: "URL for SUSE-SU-2017:3047-1", url: "https://www.suse.com/support/update/announcement/2017/suse-su-20173047-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2017:3047-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003402.html", }, { category: "self", summary: "SUSE Bug 1022727", url: "https://bugzilla.suse.com/1022727", }, { category: "self", summary: "SUSE Bug 1051150", url: "https://bugzilla.suse.com/1051150", }, { category: "self", summary: "SUSE Bug 1052984", url: "https://bugzilla.suse.com/1052984", }, { category: "self", summary: "SUSE Bug 1061107", url: "https://bugzilla.suse.com/1061107", }, { category: "self", summary: "SUSE Bug 1063034", url: "https://bugzilla.suse.com/1063034", }, { category: "self", summary: "SUSE Bug 1063035", url: "https://bugzilla.suse.com/1063035", }, { category: "self", summary: "SUSE Bug 1063037", url: "https://bugzilla.suse.com/1063037", }, { category: "self", summary: "SUSE Bug 1063038", url: "https://bugzilla.suse.com/1063038", }, { category: "self", summary: "SUSE Bug 1063039", url: "https://bugzilla.suse.com/1063039", }, { category: "self", summary: "SUSE Bug 1063040", url: "https://bugzilla.suse.com/1063040", }, { category: "self", summary: "SUSE Bug 1063041", url: "https://bugzilla.suse.com/1063041", }, { category: "self", summary: "SUSE CVE CVE-2017-12176 page", url: "https://www.suse.com/security/cve/CVE-2017-12176/", }, { category: "self", summary: "SUSE CVE CVE-2017-12177 page", url: "https://www.suse.com/security/cve/CVE-2017-12177/", }, { category: "self", summary: "SUSE CVE CVE-2017-12178 page", url: "https://www.suse.com/security/cve/CVE-2017-12178/", }, { category: "self", summary: "SUSE CVE CVE-2017-12179 page", url: "https://www.suse.com/security/cve/CVE-2017-12179/", }, { category: "self", summary: "SUSE CVE CVE-2017-12180 page", url: "https://www.suse.com/security/cve/CVE-2017-12180/", }, { category: "self", summary: "SUSE CVE CVE-2017-12181 page", url: "https://www.suse.com/security/cve/CVE-2017-12181/", }, { category: "self", summary: "SUSE CVE CVE-2017-12182 page", url: "https://www.suse.com/security/cve/CVE-2017-12182/", }, { category: "self", summary: "SUSE CVE CVE-2017-12183 page", url: "https://www.suse.com/security/cve/CVE-2017-12183/", }, { category: "self", summary: "SUSE CVE CVE-2017-12184 page", url: "https://www.suse.com/security/cve/CVE-2017-12184/", }, { category: "self", summary: "SUSE CVE CVE-2017-12185 page", url: "https://www.suse.com/security/cve/CVE-2017-12185/", }, { category: "self", summary: "SUSE CVE CVE-2017-12186 page", url: "https://www.suse.com/security/cve/CVE-2017-12186/", }, { category: "self", summary: "SUSE CVE CVE-2017-12187 page", url: "https://www.suse.com/security/cve/CVE-2017-12187/", }, { category: "self", summary: "SUSE CVE CVE-2017-13721 page", url: "https://www.suse.com/security/cve/CVE-2017-13721/", }, { category: "self", summary: "SUSE CVE CVE-2017-13723 page", url: "https://www.suse.com/security/cve/CVE-2017-13723/", }, ], title: "Security update for xorg-x11-server", tracking: { current_release_date: "2017-11-22T16:16:29Z", generator: { date: "2017-11-22T16:16:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2017:3047-1", initial_release_date: "2017-11-22T16:16:29Z", revision_history: [ { date: "2017-11-22T16:16:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", product: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", product_id: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", product: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", product_id: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", product: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", product_id: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", product: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", product_id: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", product: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", product_id: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", product: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", product_id: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", product: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", product_id: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", product: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", product_id: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", product: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", product_id: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", product: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", product_id: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", product: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", product_id: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", product: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", product_id: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP2", product: { name: "SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product: { name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP2", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2", product: { name: "SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", }, product_reference: "xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2017-12176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12176", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12176", url: "https://www.suse.com/security/cve/CVE-2017-12176", }, { category: "external", summary: "SUSE Bug 1063041 for CVE-2017-12176", url: "https://bugzilla.suse.com/1063041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12176", }, { cve: "CVE-2017-12177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12177", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12177", url: "https://www.suse.com/security/cve/CVE-2017-12177", }, { category: "external", summary: "SUSE Bug 1063040 for CVE-2017-12177", url: "https://bugzilla.suse.com/1063040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12177", }, { cve: "CVE-2017-12178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12178", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12178", url: "https://www.suse.com/security/cve/CVE-2017-12178", }, { category: "external", summary: "SUSE Bug 1063039 for CVE-2017-12178", url: "https://bugzilla.suse.com/1063039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12178", }, { cve: "CVE-2017-12179", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12179", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12179", url: "https://www.suse.com/security/cve/CVE-2017-12179", }, { category: "external", summary: "SUSE Bug 1063038 for CVE-2017-12179", url: "https://bugzilla.suse.com/1063038", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12179", }, { cve: "CVE-2017-12180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12180", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12180", url: "https://www.suse.com/security/cve/CVE-2017-12180", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12180", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12180", }, { cve: "CVE-2017-12181", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12181", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12181", url: "https://www.suse.com/security/cve/CVE-2017-12181", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12181", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12181", }, { cve: "CVE-2017-12182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12182", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12182", url: "https://www.suse.com/security/cve/CVE-2017-12182", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12182", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12182", }, { cve: "CVE-2017-12183", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12183", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12183", url: "https://www.suse.com/security/cve/CVE-2017-12183", }, { category: "external", summary: "SUSE Bug 1063035 for CVE-2017-12183", url: "https://bugzilla.suse.com/1063035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12183", }, { cve: "CVE-2017-12184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12184", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12184", url: "https://www.suse.com/security/cve/CVE-2017-12184", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12184", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12184", }, { cve: "CVE-2017-12185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12185", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12185", url: "https://www.suse.com/security/cve/CVE-2017-12185", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12185", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12185", }, { cve: "CVE-2017-12186", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12186", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12186", url: "https://www.suse.com/security/cve/CVE-2017-12186", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12186", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12186", }, { cve: "CVE-2017-12187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12187", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12187", url: "https://www.suse.com/security/cve/CVE-2017-12187", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12187", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-12187", }, { cve: "CVE-2017-13721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13721", }, ], notes: [ { category: "general", text: "In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13721", url: "https://www.suse.com/security/cve/CVE-2017-13721", }, { category: "external", summary: "SUSE Bug 1051150 for CVE-2017-13721", url: "https://bugzilla.suse.com/1051150", }, { category: "external", summary: "SUSE Bug 1052984 for CVE-2017-13721", url: "https://bugzilla.suse.com/1052984", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-13721", }, { cve: "CVE-2017-13723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13723", }, ], notes: [ { category: "general", text: "In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13723", url: "https://www.suse.com/security/cve/CVE-2017-13723", }, { category: "external", summary: "SUSE Bug 1051150 for CVE-2017-13723", url: "https://bugzilla.suse.com/1051150", }, { category: "external", summary: "SUSE Bug 1052984 for CVE-2017-13723", url: "https://bugzilla.suse.com/1052984", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xorg-x11-server-extra-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP2:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:xorg-x11-server-sdk-7.6_1.18.3-76.15.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-22T16:16:29Z", details: "moderate", }, ], title: "CVE-2017-13723", }, ], }
suse-su-2017:3025-1
Vulnerability from csaf_suse
Published
2017-11-16 11:57
Modified
2017-11-16 11:57
Summary
Security update for xorg-x11-server
Notes
Title of the patch
Security update for xorg-x11-server
Description of the patch
This update for xorg-x11-server provides several fixes.
These security issues were fixed:
- CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and
XkbStringText (bsc#1051150).
- Improve the entropy when generating random data used in X.org server authorization
cookies generation by using getentropy() and getrandom() when available (bsc#1025084)
- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
unvalidated lengths in multiple extensions (bsc#1063034)
- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES
extension. (bsc#1063035)
- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
(bsc#1063037)
- CVE-2017-12179: Fixed an integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
- CVE-2017-12178: Fixed a wrong extra length check in
ProcXIChangeHierarchy in Xi (bsc#1063039)
- CVE-2017-12177: Fixed an unvalidated variable-length request in
ProcDbeGetVisualInfo (bsc#1063040)
- CVE-2017-12176: Fixed an unvalidated extra length in
ProcEstablishConnection (bsc#1063041)
Patchnames
sdksp4-xorg-x11-server-13345,slessp4-xorg-x11-server-13345
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for xorg-x11-server", title: "Title of the patch", }, { category: "description", text: "This update for xorg-x11-server provides several fixes.\n\nThese security issues were fixed:\n\n- CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and\n XkbStringText (bsc#1051150).\n- Improve the entropy when generating random data used in X.org server authorization\n cookies generation by using getentropy() and getrandom() when available (bsc#1025084)\n- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed\n unvalidated lengths in multiple extensions (bsc#1063034)\n- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES\n extension. (bsc#1063035)\n- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated\n lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions\n (bsc#1063037)\n- CVE-2017-12179: Fixed an integer overflow and unvalidated length in\n (S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)\n- CVE-2017-12178: Fixed a wrong extra length check in\n ProcXIChangeHierarchy in Xi (bsc#1063039)\n- CVE-2017-12177: Fixed an unvalidated variable-length request in\n ProcDbeGetVisualInfo (bsc#1063040)\n- CVE-2017-12176: Fixed an unvalidated extra length in\n ProcEstablishConnection (bsc#1063041)\n\n\n", title: "Description of the patch", }, { category: "details", text: "sdksp4-xorg-x11-server-13345,slessp4-xorg-x11-server-13345", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3025-1.json", }, { category: "self", summary: "URL for SUSE-SU-2017:3025-1", url: "https://www.suse.com/support/update/announcement/2017/suse-su-20173025-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2017:3025-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003399.html", }, { category: "self", summary: "SUSE Bug 1025084", url: "https://bugzilla.suse.com/1025084", }, { category: "self", summary: "SUSE Bug 1051150", url: "https://bugzilla.suse.com/1051150", }, { category: "self", summary: "SUSE Bug 1063034", url: "https://bugzilla.suse.com/1063034", }, { category: "self", summary: "SUSE Bug 1063035", url: "https://bugzilla.suse.com/1063035", }, { category: "self", summary: "SUSE Bug 1063037", url: "https://bugzilla.suse.com/1063037", }, { category: "self", summary: "SUSE Bug 1063038", url: "https://bugzilla.suse.com/1063038", }, { category: "self", summary: "SUSE Bug 1063039", url: "https://bugzilla.suse.com/1063039", }, { category: "self", summary: "SUSE Bug 1063040", url: "https://bugzilla.suse.com/1063040", }, { category: "self", summary: "SUSE Bug 1063041", url: "https://bugzilla.suse.com/1063041", }, { category: "self", summary: "SUSE CVE CVE-2017-12176 page", url: "https://www.suse.com/security/cve/CVE-2017-12176/", }, { category: "self", summary: "SUSE CVE CVE-2017-12177 page", url: "https://www.suse.com/security/cve/CVE-2017-12177/", }, { category: "self", summary: "SUSE CVE CVE-2017-12178 page", url: "https://www.suse.com/security/cve/CVE-2017-12178/", }, { category: "self", summary: "SUSE CVE CVE-2017-12179 page", url: "https://www.suse.com/security/cve/CVE-2017-12179/", }, { category: "self", summary: "SUSE CVE CVE-2017-12180 page", url: "https://www.suse.com/security/cve/CVE-2017-12180/", }, { category: "self", summary: "SUSE CVE CVE-2017-12181 page", url: "https://www.suse.com/security/cve/CVE-2017-12181/", }, { category: "self", summary: "SUSE CVE CVE-2017-12182 page", url: "https://www.suse.com/security/cve/CVE-2017-12182/", }, { category: "self", summary: "SUSE CVE CVE-2017-12183 page", url: "https://www.suse.com/security/cve/CVE-2017-12183/", }, { category: "self", summary: "SUSE CVE CVE-2017-12184 page", url: "https://www.suse.com/security/cve/CVE-2017-12184/", }, { category: "self", summary: "SUSE CVE CVE-2017-12185 page", url: "https://www.suse.com/security/cve/CVE-2017-12185/", }, { category: "self", summary: "SUSE CVE CVE-2017-12186 page", url: "https://www.suse.com/security/cve/CVE-2017-12186/", }, { category: "self", summary: "SUSE CVE CVE-2017-12187 page", url: "https://www.suse.com/security/cve/CVE-2017-12187/", }, { category: "self", summary: "SUSE CVE CVE-2017-13723 page", url: "https://www.suse.com/security/cve/CVE-2017-13723/", }, ], title: "Security update for xorg-x11-server", tracking: { current_release_date: "2017-11-16T11:57:00Z", generator: { date: "2017-11-16T11:57:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2017:3025-1", initial_release_date: "2017-11-16T11:57:00Z", revision_history: [ { date: "2017-11-16T11:57:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.4-27.122.16.1.i586", product: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.i586", product_id: "xorg-x11-server-sdk-7.4-27.122.16.1.i586", }, }, { category: "product_version", name: "xorg-x11-Xvnc-7.4-27.122.16.1.i586", product: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.i586", product_id: "xorg-x11-Xvnc-7.4-27.122.16.1.i586", }, }, { category: "product_version", name: "xorg-x11-server-7.4-27.122.16.1.i586", product: { name: "xorg-x11-server-7.4-27.122.16.1.i586", product_id: "xorg-x11-server-7.4-27.122.16.1.i586", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.4-27.122.16.1.i586", product: { name: "xorg-x11-server-extra-7.4-27.122.16.1.i586", product_id: "xorg-x11-server-extra-7.4-27.122.16.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.4-27.122.16.1.ia64", product: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.ia64", product_id: "xorg-x11-server-sdk-7.4-27.122.16.1.ia64", }, }, { category: "product_version", name: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64", product: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64", product_id: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64", }, }, { category: "product_version", name: "xorg-x11-server-7.4-27.122.16.1.ia64", product: { name: "xorg-x11-server-7.4-27.122.16.1.ia64", product_id: "xorg-x11-server-7.4-27.122.16.1.ia64", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.4-27.122.16.1.ia64", product: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ia64", product_id: "xorg-x11-server-extra-7.4-27.122.16.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", product: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", product_id: "xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", }, }, { category: "product_version", name: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", product: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", product_id: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", }, }, { category: "product_version", name: "xorg-x11-server-7.4-27.122.16.1.ppc64", product: { name: "xorg-x11-server-7.4-27.122.16.1.ppc64", product_id: "xorg-x11-server-7.4-27.122.16.1.ppc64", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64", product: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64", product_id: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.4-27.122.16.1.s390x", product: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.s390x", product_id: "xorg-x11-server-sdk-7.4-27.122.16.1.s390x", }, }, { category: "product_version", name: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x", product: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x", product_id: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x", }, }, { category: "product_version", name: "xorg-x11-server-7.4-27.122.16.1.s390x", product: { name: "xorg-x11-server-7.4-27.122.16.1.s390x", product_id: "xorg-x11-server-7.4-27.122.16.1.s390x", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.4-27.122.16.1.s390x", product: { name: "xorg-x11-server-extra-7.4-27.122.16.1.s390x", product_id: "xorg-x11-server-extra-7.4-27.122.16.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", product: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", product_id: "xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", }, }, { category: "product_version", name: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", product: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", product_id: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-7.4-27.122.16.1.x86_64", product: { name: "xorg-x11-server-7.4-27.122.16.1.x86_64", product_id: "xorg-x11-server-7.4-27.122.16.1.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64", product: { name: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64", product_id: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 11 SP4", product: { name: "SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4", product_identification_helper: { cpe: "cpe:/a:suse:sle-sdk:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4", product: { name: "SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-server-sdk-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-server-sdk-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-server-sdk-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-server-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", }, product_reference: "xorg-x11-server-extra-7.4-27.122.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2017-12176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12176", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12176", url: "https://www.suse.com/security/cve/CVE-2017-12176", }, { category: "external", summary: "SUSE Bug 1063041 for CVE-2017-12176", url: "https://bugzilla.suse.com/1063041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12176", }, { cve: "CVE-2017-12177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12177", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12177", url: "https://www.suse.com/security/cve/CVE-2017-12177", }, { category: "external", summary: "SUSE Bug 1063040 for CVE-2017-12177", url: "https://bugzilla.suse.com/1063040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12177", }, { cve: "CVE-2017-12178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12178", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12178", url: "https://www.suse.com/security/cve/CVE-2017-12178", }, { category: "external", summary: "SUSE Bug 1063039 for CVE-2017-12178", url: "https://bugzilla.suse.com/1063039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12178", }, { cve: "CVE-2017-12179", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12179", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12179", url: "https://www.suse.com/security/cve/CVE-2017-12179", }, { category: "external", summary: "SUSE Bug 1063038 for CVE-2017-12179", url: "https://bugzilla.suse.com/1063038", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12179", }, { cve: "CVE-2017-12180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12180", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12180", url: "https://www.suse.com/security/cve/CVE-2017-12180", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12180", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12180", }, { cve: "CVE-2017-12181", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12181", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12181", url: "https://www.suse.com/security/cve/CVE-2017-12181", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12181", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12181", }, { cve: "CVE-2017-12182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12182", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12182", url: "https://www.suse.com/security/cve/CVE-2017-12182", }, { category: "external", summary: "SUSE Bug 1063037 for CVE-2017-12182", url: "https://bugzilla.suse.com/1063037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12182", }, { cve: "CVE-2017-12183", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12183", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12183", url: "https://www.suse.com/security/cve/CVE-2017-12183", }, { category: "external", summary: "SUSE Bug 1063035 for CVE-2017-12183", url: "https://bugzilla.suse.com/1063035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12183", }, { cve: "CVE-2017-12184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12184", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12184", url: "https://www.suse.com/security/cve/CVE-2017-12184", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12184", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12184", }, { cve: "CVE-2017-12185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12185", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12185", url: "https://www.suse.com/security/cve/CVE-2017-12185", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12185", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12185", }, { cve: "CVE-2017-12186", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12186", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12186", url: "https://www.suse.com/security/cve/CVE-2017-12186", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12186", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12186", }, { cve: "CVE-2017-12187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12187", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12187", url: "https://www.suse.com/security/cve/CVE-2017-12187", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12187", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-12187", }, { cve: "CVE-2017-13723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13723", }, ], notes: [ { category: "general", text: "In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13723", url: "https://www.suse.com/security/cve/CVE-2017-13723", }, { category: "external", summary: "SUSE Bug 1051150 for CVE-2017-13723", url: "https://bugzilla.suse.com/1051150", }, { category: "external", summary: "SUSE Bug 1052984 for CVE-2017-13723", url: "https://bugzilla.suse.com/1052984", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-Xvnc-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:xorg-x11-server-extra-7.4-27.122.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP4:xorg-x11-server-sdk-7.4-27.122.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-11-16T11:57:00Z", details: "moderate", }, ], title: "CVE-2017-13723", }, ], }
ghsa-mq5f-6g2w-32rq
Vulnerability from github
Published
2022-05-13 01:38
Modified
2022-05-13 01:38
Severity ?
Details
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
{ affected: [], aliases: [ "CVE-2017-12176", ], database_specific: { cwe_ids: [ "CWE-20", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2018-01-24T15:29:00Z", severity: "CRITICAL", }, details: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", id: "GHSA-mq5f-6g2w-32rq", modified: "2022-05-13T01:38:13Z", published: "2022-05-13T01:38:13Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-12176", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { type: "WEB", url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { type: "WEB", url: "https://security.gentoo.org/glsa/201711-05", }, { type: "WEB", url: "https://www.debian.org/security/2017/dsa-4000", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
opensuse-su-2024:11525-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
xorg-x11-server-1.20.13-1.2 on GA media
Notes
Title of the patch
xorg-x11-server-1.20.13-1.2 on GA media
Description of the patch
These are all security issues fixed in the xorg-x11-server-1.20.13-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11525
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "xorg-x11-server-1.20.13-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the xorg-x11-server-1.20.13-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11525", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11525-1.json", }, { category: "self", summary: "SUSE CVE CVE-2006-6101 page", url: "https://www.suse.com/security/cve/CVE-2006-6101/", }, { category: "self", summary: "SUSE CVE CVE-2006-6102 page", url: "https://www.suse.com/security/cve/CVE-2006-6102/", }, { category: "self", summary: "SUSE CVE CVE-2006-6103 page", url: "https://www.suse.com/security/cve/CVE-2006-6103/", }, { category: "self", summary: "SUSE CVE CVE-2007-1003 page", url: "https://www.suse.com/security/cve/CVE-2007-1003/", }, { category: "self", summary: "SUSE CVE CVE-2007-5760 page", url: "https://www.suse.com/security/cve/CVE-2007-5760/", }, { category: "self", summary: "SUSE CVE CVE-2007-6427 page", url: "https://www.suse.com/security/cve/CVE-2007-6427/", }, { category: "self", summary: "SUSE CVE CVE-2007-6428 page", url: "https://www.suse.com/security/cve/CVE-2007-6428/", }, { category: "self", summary: "SUSE CVE CVE-2007-6429 page", url: "https://www.suse.com/security/cve/CVE-2007-6429/", }, { category: "self", summary: "SUSE CVE CVE-2008-0006 page", url: "https://www.suse.com/security/cve/CVE-2008-0006/", }, { category: "self", summary: "SUSE CVE CVE-2008-1377 page", url: "https://www.suse.com/security/cve/CVE-2008-1377/", }, { category: "self", summary: "SUSE CVE CVE-2008-1379 page", url: "https://www.suse.com/security/cve/CVE-2008-1379/", }, { category: "self", summary: "SUSE CVE CVE-2008-2360 page", url: "https://www.suse.com/security/cve/CVE-2008-2360/", }, { category: "self", summary: "SUSE CVE CVE-2008-2361 page", url: "https://www.suse.com/security/cve/CVE-2008-2361/", }, { category: "self", summary: "SUSE CVE CVE-2008-2362 page", url: "https://www.suse.com/security/cve/CVE-2008-2362/", }, { category: "self", summary: "SUSE CVE CVE-2017-10971 page", url: "https://www.suse.com/security/cve/CVE-2017-10971/", }, { category: "self", summary: "SUSE CVE CVE-2017-12176 page", url: "https://www.suse.com/security/cve/CVE-2017-12176/", }, { category: "self", summary: "SUSE CVE CVE-2017-12187 page", url: "https://www.suse.com/security/cve/CVE-2017-12187/", }, { category: "self", summary: "SUSE CVE CVE-2017-13721 page", url: "https://www.suse.com/security/cve/CVE-2017-13721/", }, { category: "self", summary: "SUSE CVE CVE-2017-2624 page", url: "https://www.suse.com/security/cve/CVE-2017-2624/", }, { category: "self", summary: "SUSE CVE CVE-2018-14665 page", url: "https://www.suse.com/security/cve/CVE-2018-14665/", }, { category: "self", summary: "SUSE CVE CVE-2020-14345 page", url: "https://www.suse.com/security/cve/CVE-2020-14345/", }, { category: "self", summary: "SUSE CVE CVE-2020-14346 page", url: "https://www.suse.com/security/cve/CVE-2020-14346/", }, { category: "self", summary: "SUSE CVE CVE-2020-14347 page", url: "https://www.suse.com/security/cve/CVE-2020-14347/", }, { category: "self", summary: "SUSE CVE CVE-2020-14360 page", url: "https://www.suse.com/security/cve/CVE-2020-14360/", }, { category: "self", summary: "SUSE CVE CVE-2020-14361 page", url: "https://www.suse.com/security/cve/CVE-2020-14361/", }, { category: "self", summary: "SUSE CVE CVE-2020-14362 page", url: "https://www.suse.com/security/cve/CVE-2020-14362/", }, { category: "self", summary: "SUSE CVE CVE-2020-25712 page", url: "https://www.suse.com/security/cve/CVE-2020-25712/", }, { category: "self", summary: "SUSE CVE CVE-2021-3472 page", url: "https://www.suse.com/security/cve/CVE-2021-3472/", }, ], title: "xorg-x11-server-1.20.13-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11525-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "xorg-x11-server-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-1.20.13-1.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-extra-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-extra-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-extra-1.20.13-1.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-sdk-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-sdk-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-sdk-1.20.13-1.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-source-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-source-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-source-1.20.13-1.2.aarch64", }, }, { category: "product_version", name: "xorg-x11-server-wrapper-1.20.13-1.2.aarch64", product: { name: "xorg-x11-server-wrapper-1.20.13-1.2.aarch64", product_id: "xorg-x11-server-wrapper-1.20.13-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "xorg-x11-server-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-1.20.13-1.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-extra-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-extra-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-extra-1.20.13-1.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-sdk-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-sdk-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-sdk-1.20.13-1.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-source-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-source-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-source-1.20.13-1.2.ppc64le", }, }, { category: "product_version", name: "xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", product: { name: "xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", product_id: "xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "xorg-x11-server-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-1.20.13-1.2.s390x", product_id: "xorg-x11-server-1.20.13-1.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-Xvfb-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.s390x", product_id: "xorg-x11-server-Xvfb-1.20.13-1.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-extra-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-extra-1.20.13-1.2.s390x", product_id: "xorg-x11-server-extra-1.20.13-1.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-sdk-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-sdk-1.20.13-1.2.s390x", product_id: "xorg-x11-server-sdk-1.20.13-1.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-source-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-source-1.20.13-1.2.s390x", product_id: "xorg-x11-server-source-1.20.13-1.2.s390x", }, }, { category: "product_version", name: "xorg-x11-server-wrapper-1.20.13-1.2.s390x", product: { name: "xorg-x11-server-wrapper-1.20.13-1.2.s390x", product_id: "xorg-x11-server-wrapper-1.20.13-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "xorg-x11-server-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-1.20.13-1.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-extra-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-extra-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-extra-1.20.13-1.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-sdk-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-sdk-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-sdk-1.20.13-1.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-source-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-source-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-source-1.20.13-1.2.x86_64", }, }, { category: "product_version", name: "xorg-x11-server-wrapper-1.20.13-1.2.x86_64", product: { name: "xorg-x11-server-wrapper-1.20.13-1.2.x86_64", product_id: "xorg-x11-server-wrapper-1.20.13-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "xorg-x11-server-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-Xvfb-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-Xvfb-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-extra-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-extra-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-extra-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-extra-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-extra-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-sdk-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-sdk-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-sdk-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-sdk-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-sdk-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-source-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-source-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-source-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-source-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-source-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-source-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-source-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-source-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-wrapper-1.20.13-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", }, product_reference: "xorg-x11-server-wrapper-1.20.13-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-wrapper-1.20.13-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", }, product_reference: "xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-wrapper-1.20.13-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", }, product_reference: "xorg-x11-server-wrapper-1.20.13-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "xorg-x11-server-wrapper-1.20.13-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", }, product_reference: "xorg-x11-server-wrapper-1.20.13-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2006-6101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-6101", }, ], notes: [ { category: "general", text: "Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-6101", url: "https://www.suse.com/security/cve/CVE-2006-6101", }, { category: "external", summary: "SUSE Bug 225972 for CVE-2006-6101", url: "https://bugzilla.suse.com/225972", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-6101", }, { cve: "CVE-2006-6102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-6102", }, ], notes: [ { category: "general", text: "Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-6102", url: "https://www.suse.com/security/cve/CVE-2006-6102", }, { category: "external", summary: "SUSE Bug 225974 for CVE-2006-6102", url: "https://bugzilla.suse.com/225974", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2006-6102", }, { cve: "CVE-2006-6103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-6103", }, ], notes: [ { category: "general", text: "Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-6103", url: "https://www.suse.com/security/cve/CVE-2006-6103", }, { category: "external", summary: "SUSE Bug 225975 for CVE-2006-6103", url: "https://bugzilla.suse.com/225975", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-6103", }, { cve: "CVE-2007-1003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-1003", }, ], notes: [ { category: "general", text: "Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-1003", url: "https://www.suse.com/security/cve/CVE-2007-1003", }, { category: "external", summary: "SUSE Bug 243978 for CVE-2007-1003", url: "https://bugzilla.suse.com/243978", }, { category: "external", summary: "SUSE Bug 261141 for CVE-2007-1003", url: "https://bugzilla.suse.com/261141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2007-1003", }, { cve: "CVE-2007-5760", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-5760", }, ], notes: [ { category: "general", text: "Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-5760", url: "https://www.suse.com/security/cve/CVE-2007-5760", }, { category: "external", summary: "SUSE Bug 345496 for CVE-2007-5760", url: "https://bugzilla.suse.com/345496", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2007-5760", }, { cve: "CVE-2007-6427", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6427", }, ], notes: [ { category: "general", text: "The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6427", url: "https://www.suse.com/security/cve/CVE-2007-6427", }, { category: "external", summary: "SUSE Bug 345127 for CVE-2007-6427", url: "https://bugzilla.suse.com/345127", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2007-6427", }, { cve: "CVE-2007-6428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6428", }, ], notes: [ { category: "general", text: "The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used as an array index.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6428", url: "https://www.suse.com/security/cve/CVE-2007-6428", }, { category: "external", summary: "SUSE Bug 345128 for CVE-2007-6428", url: "https://bugzilla.suse.com/345128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6428", }, { cve: "CVE-2007-6429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6429", }, ], notes: [ { category: "general", text: "Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6429", url: "https://www.suse.com/security/cve/CVE-2007-6429", }, { category: "external", summary: "SUSE Bug 345130 for CVE-2007-6429", url: "https://bugzilla.suse.com/345130", }, { category: "external", summary: "SUSE Bug 345131 for CVE-2007-6429", url: "https://bugzilla.suse.com/345131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2007-6429", }, { cve: "CVE-2008-0006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-0006", }, ], notes: [ { category: "general", text: "Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-0006", url: "https://www.suse.com/security/cve/CVE-2008-0006", }, { category: "external", summary: "SUSE Bug 348296 for CVE-2008-0006", url: "https://bugzilla.suse.com/348296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2008-0006", }, { cve: "CVE-2008-1377", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1377", }, ], notes: [ { category: "general", text: "The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1377", url: "https://www.suse.com/security/cve/CVE-2008-1377", }, { category: "external", summary: "SUSE Bug 374318 for CVE-2008-1377", url: "https://bugzilla.suse.com/374318", }, { category: "external", summary: "SUSE Bug 374323 for CVE-2008-1377", url: "https://bugzilla.suse.com/374323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2008-1377", }, { cve: "CVE-2008-1379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-1379", }, ], notes: [ { category: "general", text: "Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-1379", url: "https://www.suse.com/security/cve/CVE-2008-1379", }, { category: "external", summary: "SUSE Bug 374318 for CVE-2008-1379", url: "https://bugzilla.suse.com/374318", }, { category: "external", summary: "SUSE Bug 374320 for CVE-2008-1379", url: "https://bugzilla.suse.com/374320", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-1379", }, { cve: "CVE-2008-2360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-2360", }, ], notes: [ { category: "general", text: "Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-2360", url: "https://www.suse.com/security/cve/CVE-2008-2360", }, { category: "external", summary: "SUSE Bug 374321 for CVE-2008-2360", url: "https://bugzilla.suse.com/374321", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2008-2360", }, { cve: "CVE-2008-2361", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-2361", }, ], notes: [ { category: "general", text: "Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-2361", url: "https://www.suse.com/security/cve/CVE-2008-2361", }, { category: "external", summary: "SUSE Bug 374321 for CVE-2008-2361", url: "https://bugzilla.suse.com/374321", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2008-2361", }, { cve: "CVE-2008-2362", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-2362", }, ], notes: [ { category: "general", text: "Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-2362", url: "https://www.suse.com/security/cve/CVE-2008-2362", }, { category: "external", summary: "SUSE Bug 374321 for CVE-2008-2362", url: "https://bugzilla.suse.com/374321", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2008-2362", }, { cve: "CVE-2017-10971", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10971", }, ], notes: [ { category: "general", text: "In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10971", url: "https://www.suse.com/security/cve/CVE-2017-10971", }, { category: "external", summary: "SUSE Bug 1035283 for CVE-2017-10971", url: "https://bugzilla.suse.com/1035283", }, { category: "external", summary: "SUSE Bug 1047730 for CVE-2017-10971", url: "https://bugzilla.suse.com/1047730", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10971", }, { cve: "CVE-2017-12176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12176", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12176", url: "https://www.suse.com/security/cve/CVE-2017-12176", }, { category: "external", summary: "SUSE Bug 1063041 for CVE-2017-12176", url: "https://bugzilla.suse.com/1063041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-12176", }, { cve: "CVE-2017-12187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12187", }, ], notes: [ { category: "general", text: "xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12187", url: "https://www.suse.com/security/cve/CVE-2017-12187", }, { category: "external", summary: "SUSE Bug 1063034 for CVE-2017-12187", url: "https://bugzilla.suse.com/1063034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-12187", }, { cve: "CVE-2017-13721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13721", }, ], notes: [ { category: "general", text: "In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13721", url: "https://www.suse.com/security/cve/CVE-2017-13721", }, { category: "external", summary: "SUSE Bug 1051150 for CVE-2017-13721", url: "https://bugzilla.suse.com/1051150", }, { category: "external", summary: "SUSE Bug 1052984 for CVE-2017-13721", url: "https://bugzilla.suse.com/1052984", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-13721", }, { cve: "CVE-2017-2624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-2624", }, ], notes: [ { category: "general", text: "It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-2624", url: "https://www.suse.com/security/cve/CVE-2017-2624", }, { category: "external", summary: "SUSE Bug 1025029 for CVE-2017-2624", url: "https://bugzilla.suse.com/1025029", }, { category: "external", summary: "SUSE Bug 1025639 for CVE-2017-2624", url: "https://bugzilla.suse.com/1025639", }, { category: "external", summary: "SUSE Bug 1035283 for CVE-2017-2624", url: "https://bugzilla.suse.com/1035283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-2624", }, { cve: "CVE-2018-14665", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14665", }, ], notes: [ { category: "general", text: "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14665", url: "https://www.suse.com/security/cve/CVE-2018-14665", }, { category: "external", summary: "SUSE Bug 1111697 for CVE-2018-14665", url: "https://bugzilla.suse.com/1111697", }, { category: "external", summary: "SUSE Bug 1112020 for CVE-2018-14665", url: "https://bugzilla.suse.com/1112020", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-14665", }, { cve: "CVE-2020-14345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14345", }, ], notes: [ { category: "general", text: "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14345", url: "https://www.suse.com/security/cve/CVE-2020-14345", }, { category: "external", summary: "SUSE Bug 1174635 for CVE-2020-14345", url: "https://bugzilla.suse.com/1174635", }, { category: "external", summary: "SUSE Bug 1174638 for CVE-2020-14345", url: "https://bugzilla.suse.com/1174638", }, { category: "external", summary: "SUSE Bug 1174908 for CVE-2020-14345", url: "https://bugzilla.suse.com/1174908", }, { category: "external", summary: "SUSE Bug 1174910 for CVE-2020-14345", url: "https://bugzilla.suse.com/1174910", }, { category: "external", summary: "SUSE Bug 1174913 for CVE-2020-14345", url: "https://bugzilla.suse.com/1174913", }, { category: "external", summary: "SUSE Bug 1177596 for CVE-2020-14345", url: "https://bugzilla.suse.com/1177596", }, { category: "external", summary: "SUSE Bug 1181067 for CVE-2020-14345", url: "https://bugzilla.suse.com/1181067", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14345", }, { cve: "CVE-2020-14346", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14346", }, ], notes: [ { category: "general", text: "A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14346", url: "https://www.suse.com/security/cve/CVE-2020-14346", }, { category: "external", summary: "SUSE Bug 1174635 for CVE-2020-14346", url: "https://bugzilla.suse.com/1174635", }, { category: "external", summary: "SUSE Bug 1174638 for CVE-2020-14346", url: "https://bugzilla.suse.com/1174638", }, { category: "external", summary: "SUSE Bug 1174910 for CVE-2020-14346", url: "https://bugzilla.suse.com/1174910", }, { category: "external", summary: "SUSE Bug 1174913 for CVE-2020-14346", url: "https://bugzilla.suse.com/1174913", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14346", }, { cve: "CVE-2020-14347", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14347", }, ], notes: [ { category: "general", text: "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14347", url: "https://www.suse.com/security/cve/CVE-2020-14347", }, { category: "external", summary: "SUSE Bug 1174633 for CVE-2020-14347", url: "https://bugzilla.suse.com/1174633", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-14347", }, { cve: "CVE-2020-14360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14360", }, ], notes: [ { category: "general", text: "A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14360", url: "https://www.suse.com/security/cve/CVE-2020-14360", }, { category: "external", summary: "SUSE Bug 1174908 for CVE-2020-14360", url: "https://bugzilla.suse.com/1174908", }, { category: "external", summary: "SUSE Bug 1177596 for CVE-2020-14360", url: "https://bugzilla.suse.com/1177596", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14360", }, { cve: "CVE-2020-14361", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14361", }, ], notes: [ { category: "general", text: "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14361", url: "https://www.suse.com/security/cve/CVE-2020-14361", }, { category: "external", summary: "SUSE Bug 1174635 for CVE-2020-14361", url: "https://bugzilla.suse.com/1174635", }, { category: "external", summary: "SUSE Bug 1174638 for CVE-2020-14361", url: "https://bugzilla.suse.com/1174638", }, { category: "external", summary: "SUSE Bug 1174910 for CVE-2020-14361", url: "https://bugzilla.suse.com/1174910", }, { category: "external", summary: "SUSE Bug 1174913 for CVE-2020-14361", url: "https://bugzilla.suse.com/1174913", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14361", }, { cve: "CVE-2020-14362", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-14362", }, ], notes: [ { category: "general", text: "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-14362", url: "https://www.suse.com/security/cve/CVE-2020-14362", }, { category: "external", summary: "SUSE Bug 1174635 for CVE-2020-14362", url: "https://bugzilla.suse.com/1174635", }, { category: "external", summary: "SUSE Bug 1174638 for CVE-2020-14362", url: "https://bugzilla.suse.com/1174638", }, { category: "external", summary: "SUSE Bug 1174910 for CVE-2020-14362", url: "https://bugzilla.suse.com/1174910", }, { category: "external", summary: "SUSE Bug 1174913 for CVE-2020-14362", url: "https://bugzilla.suse.com/1174913", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-14362", }, { cve: "CVE-2020-25712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25712", }, ], notes: [ { category: "general", text: "A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25712", url: "https://www.suse.com/security/cve/CVE-2020-25712", }, { category: "external", summary: "SUSE Bug 1174908 for CVE-2020-25712", url: "https://bugzilla.suse.com/1174908", }, { category: "external", summary: "SUSE Bug 1177596 for CVE-2020-25712", url: "https://bugzilla.suse.com/1177596", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-25712", }, { cve: "CVE-2021-3472", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-3472", }, ], notes: [ { category: "general", text: "A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-3472", url: "https://www.suse.com/security/cve/CVE-2021-3472", }, { category: "external", summary: "SUSE Bug 1180128 for CVE-2021-3472", url: "https://bugzilla.suse.com/1180128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-Xvfb-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-extra-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-sdk-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-source-1.20.13-1.2.x86_64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.aarch64", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.ppc64le", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.s390x", "openSUSE Tumbleweed:xorg-x11-server-wrapper-1.20.13-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-3472", }, ], }
fkie_cve-2017-12176
Vulnerability from fkie_nvd
Published
2018-01-24 15:29
Modified
2024-11-21 03:08
Severity ?
Summary
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| x.org | xorg-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*", matchCriteriaId: "D7F78F58-F48F-46EB-8765-2C40367BF8A1", versionEndExcluding: "1.19.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", }, { lang: "es", value: "xorg-x11-server en versiones anteriores a la 1.19.5 no tenía una validación extra de longitud en la función ProcEstablishConnection, lo que permitía que atacantes remotos permitan que el cliente malicioso X provoque que el servidor X se cierre inesperadamente o que, posiblemente, ejecute código arbitrario.", }, ], id: "CVE-2017-12176", lastModified: "2024-11-21T03:08:59.427", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-24T15:29:00.247", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://security.gentoo.org/glsa/201711-05", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://security.gentoo.org/glsa/201711-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4000", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-391", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2017-12176
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-12176", description: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", id: "GSD-2017-12176", references: [ "https://www.suse.com/security/cve/CVE-2017-12176.html", "https://www.debian.org/security/2017/dsa-4000", "https://ubuntu.com/security/CVE-2017-12176", "https://advisories.mageia.org/CVE-2017-12176.html", "https://security.archlinux.org/CVE-2017-12176", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2017-12176", ], details: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", id: "GSD-2017-12176", modified: "2023-12-13T01:21:03.831999Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", DATE_PUBLIC: "2017-10-10T00:00:00", ID: "CVE-2017-12176", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "xorg-x11-server", version: { version_data: [ { version_value: "before 1.19.5", }, ], }, }, ], }, vendor_name: "The X.Org Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-391", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4000", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-4000", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { name: "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, { name: "GLSA-201711-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201711-05", }, { name: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", refsource: "CONFIRM", url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.19.5", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-12176", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", refsource: "CONFIRM", tags: [ "Patch", "Third Party Advisory", ], url: "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b747da5e25be944337a9cd1415506fc06b70aa81", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", refsource: "CONFIRM", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1509214", }, { name: "DSA-4000", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-4000", }, { name: "GLSA-201711-05", refsource: "GENTOO", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://security.gentoo.org/glsa/201711-05", }, { name: "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: true, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, }, }, lastModifiedDate: "2019-10-09T23:22Z", publishedDate: "2018-01-24T15:29Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.