[3.7] libx11: Multiple vulnerabilities (CVE-2018-14598, CVE-2018-14599, CVE-2018-14600)ID: oval:org.secpod.oval:def:1801199 | Date: (C)2018-10-12 (M)2023-11-10 |
Class: PATCH | Family: unix |
CVE-2018-14598: Crash on invalid reply in XListExtensions in ListExt.c¶ An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS . Fixed In Version:¶ libX11 1.6.6
Platform: |
Alpine Linux 3.7 |