CVE-2013-4396

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-4396 at MITRE

Description

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 843652

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP3
  • xorg-x11-server-sdk >= 7.4-27.83.2
Builds
SAT Patch Nr: 8464
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • xorg-x11-Xvnc >= 7.4-27.83.2
  • xorg-x11-server >= 7.4-27.83.2
  • xorg-x11-server-extra >= 7.4-27.83.2
Builds
SAT Patch Nr: 8464
SUSE Linux Enterprise Software Development Kit 11 SP2
  • xorg-x11-server-sdk >= 7.4-27.70.74.1
Builds
SAT Patch Nr: 8463
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • xorg-x11-Xvnc >= 7.4-27.70.74.1
  • xorg-x11-server >= 7.4-27.70.74.1
  • xorg-x11-server-extra >= 7.4-27.70.74.1
Builds
SAT Patch Nr: 8463
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xorg-x11-Xvnc >= 7.4-27.40.70.1
  • xorg-x11-server >= 7.4-27.40.70.1
  • xorg-x11-server-extra >= 7.4-27.40.70.1
Builds
SAT Patch Nr: 9126
openSUSE 12.3
  • xorg-x11-server >= 7.6_1.13.2-1.17.1
  • xorg-x11-server-debuginfo >= 7.6_1.13.2-1.17.1
  • xorg-x11-server-debugsource >= 7.6_1.13.2-1.17.1
  • xorg-x11-server-extra >= 7.6_1.13.2-1.17.1
  • xorg-x11-server-extra-debuginfo >= 7.6_1.13.2-1.17.1
  • xorg-x11-server-sdk >= 7.6_1.13.2-1.17.1
Patchnames:
openSUSE-2013-807
openSUSE Evergreen 11.4
  • xorg-x11-Xvnc >= 7.6_1.9.3-15.44.1
  • xorg-x11-Xvnc-debuginfo >= 7.6_1.9.3-15.44.1
  • xorg-x11-server >= 7.6_1.9.3-15.44.1
  • xorg-x11-server-debuginfo >= 7.6_1.9.3-15.44.1
  • xorg-x11-server-debugsource >= 7.6_1.9.3-15.44.1
  • xorg-x11-server-extra >= 7.6_1.9.3-15.44.1
  • xorg-x11-server-extra-debuginfo >= 7.6_1.9.3-15.44.1
  • xorg-x11-server-sdk >= 7.6_1.9.3-15.44.1
Patchnames:
2013-153