CVE-2017-2624 — Covert Timing Channel in X Server

CWE-385 — Covert Timing Channel CWE-200 — Sensitive Information Exposure9 documents8 sources

Severity

7.0HIGHNVD

CNA5.9

EPSS

0.0%

top 85.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

X.org Xorg-server X.org X Server Xorg Xorg-x11-server +1 more

Timeline

PublishedJul 27

Latest updateMay 13

Description

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

▶Debianx.org/xorg-server< 2:1.19.2-1+3

▶CVEListV5xorg/xorg-x11-server1.19.0

▶NVDx.org/x_server1.19.4

Also affects: Debian Linux 7.0

Patches

Patch: gitlab.freedesktop.org ↗Patch: gitlab.freedesktop.org ↗

🔴Vulnerability Details

GHSA

GHSA-6pw7-qhf8-rjff: It was found that xorg-x11-server before 1↗2022-05-13

▶

CVEList

CVE-2017-2624: It was found that xorg-x11-server before 1↗2018-07-27

▶

OSV

CVE-2017-2624: It was found that xorg-x11-server before 1↗2018-07-27

▶

📋Vendor Advisories

Ubuntu

X.Org X server vulnerabilities↗2017-07-24

▶

Red Hat

xorg-x11-server: timing attack against MIT Cookie↗2017-02-28

▶

Debian

CVE-2017-2624: xorg-server - It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check...↗2017

▶

💬Community

Bugzilla

CVE-2017-2624 xorg-x11-server: timing attack against MIT Cookie [fedora-all]↗2017-02-28

▶

Bugzilla

CVE-2017-2624 xorg-x11-server: timing attack against MIT Cookie↗2017-02-20

▶