Fluid Attacks Database

Description

xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.6	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0
alpine v3.7	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0
debian 11	xorg-server	>=0 <2:1.19.5-1	2:1.19.5-1
debian 14	xorg-server	>=0 <2:1.19.5-1	2:1.19.5-1
alpine v3.10	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0
alpine v3.11	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0
alpine v3.12	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0
debian 12	xorg-server	>=0 <2:1.19.5-1	2:1.19.5-1
debian 13	xorg-server	>=0 <2:1.19.5-1	2:1.19.5-1
alpine v3.8	xorg-server	=1.10.0-r0 \|\| =1.10.0.901-r0 \|\| =1.10.0.902-r0 \|\| =1.10.1-r0 \|\| =1.10.1-r1 \|\| =1.10.2-r0 \|\| =1.10.3-r0 \|\| =1.10.4-r0 \|\| =1.11.0-r0 \|\| =1.11.1-r0 \|\| =1.11.1-r1 \|\| =1.11.1.902-r0 \|\| =1.11.2-r0 \|\| =1.11.3-r0 \|\| =1.11.4-r0 \|\| =1.11.4-r1 \|\| =1.12.0-r0 \|\| =1.12.1-r0 \|\| =1.12.1-r1 \|\| =1.12.1.902-r0 \|\| =1.12.2-r0 \|\| =1.12.3-r0 \|\| =1.12.4-r0 \|\| =1.13.0-r0 \|\| =1.13.1-r0 \|\| =1.13.2-r0 \|\| =1.13.2-r1 \|\| =1.13.2-r2 \|\| =1.14.0-r0 \|\| =1.14.0-r1 \|\| =1.14.1-r0 \|\| =1.14.2-r0 \|\| =1.14.3-r0 \|\| =1.14.4-r0 \|\| =1.14.5-r0 \|\| =1.15.0-r0 \|\| =1.15.0-r1 \|\| =1.15.1-r0 \|\| =1.15.2-r0 \|\| =1.16.0-r0 \|\| =1.16.0-r1 \|\| =1.16.0-r2 \|\| =1.16.1-r0 \|\| =1.16.2-r0 \|\| =1.16.2.901-r0 \|\| =1.16.3-r0 \|\| =1.17.1-r0 \|\| =1.17.1-r1 \|\| =1.17.1-r2 \|\| =1.17.1-r3 \|\| =1.17.2-r0 \|\| =1.17.2-r1 \|\| =1.17.2-r2 \|\| =1.17.3-r0 \|\| =1.17.4-r0 \|\| =1.17.4-r1 \|\| =1.18.0-r0 \|\| =1.18.1-r0 \|\| =1.18.2-r0 \|\| =1.18.3-r0 \|\| =1.18.4-r0 \|\| =1.18.4-r1 \|\| =1.18.4-r2 \|\| =1.18.4-r3 \|\| =1.18.4-r4 \|\| =1.19.3-r0 \|\| =1.19.3-r1 \|\| =1.19.3-r2 \|\| =1.19.3-r3 \|\| =1.19.3-r4 \|\| =1.6.0-r0 \|\| =1.6.0-r1 \|\| =1.6.0-r2 \|\| =1.6.0-r3 \|\| =1.6.0-r4 \|\| =1.6.1-r0 \|\| =1.6.1-r1 \|\| =1.6.1-r2 \|\| =1.6.1-r3 \|\| =1.6.2-r0 \|\| =1.6.2-r1 \|\| =1.6.3-r0 \|\| =1.6.3-r1 \|\| =1.7.0.901-r1 \|\| =1.7.1-r0 \|\| =1.7.3.901-r0 \|\| =1.7.3.902-r0 \|\| =1.7.4.901-r0 \|\| =1.7.6-r0 \|\| =1.7.6-r1 \|\| =1.7.6-r2 \|\| =1.7.7-r0 \|\| =1.7.7-r1 \|\| =1.9.0-r0 \|\| =1.9.0-r1 \|\| =1.9.0.901-r0 \|\| =1.9.1-r0 \|\| =1.9.2-r0 \|\| =1.9.3-r0 \|\| =1.9.3.901-r0 \|\| =1.9.3.902-r0 \|\| =1.9.4-r0 \|\| =1.9.4-r1 \|\| >=0 <1.19.5-r0	1.19.5-r0

1-10 of 14

Aliases

1. CVE-2017-121872. NVD-2017-121873. OSV-ALPINE-2017-121874. OSV-2017-121875. OSV-DEBIAN-2017-121876. SECURITY-CVE-2017-121877. SECURITY-TRACKER-CVE-2017-12187

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.