CVE-2008-1379 — X11 vulnerability

CWE-1898 documents8 sources

Severity

6.8MEDIUMNVD

EPSS

1.0%

top 23.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

X.org Xorg-server X X11

Timeline

PublishedJun 16

Latest updateMay 3

Description

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 8.0 | Impact: 6.9

Affected Packages2 packages

▶Debianx.org/xorg-server< 2:1.4.1~git20080517-2+3

▶NVDx/x11r7.3

Patches

Patch: ftp.freedesktop.org ↗Patch: www.securityfocus.com ↗Patch: ftp.freedesktop.org ↗

🔴Vulnerability Details

GHSA

GHSA-6524-8pr6-358q: Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1↗2022-05-03

▶

CVEList

CVE-2008-1379: Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1↗2008-06-16

▶

OSV

CVE-2008-1379: Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1↗2008-06-16

▶

📋Vendor Advisories

Ubuntu

X.org vulnerabilities↗2008-06-13

▶

Red Hat

X.org MIT-SHM extension arbitrary memory read↗2008-06-11

▶

Debian

CVE-2008-1379: xorg-server - Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X...↗2008

▶

💬Community

Bugzilla

CVE-2008-1379 X.org MIT-SHM extension arbitrary memory read↗2008-05-06

▶