Upstream information

CVE-2017-2624 at MITRE

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE information

Overall state of this security issue: Running

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  SUSE
Base Score 4
Vector AV:L/AC:H/Au:N/C:C/I:N/A:N
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Complete
Integrity Impact None
Availability Impact None
SUSE Bugzilla entries: 1025029 [RESOLVED], 1025639 [NEW], 1035283 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP2
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-extra >= 7.6_1.18.3-71.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP2-2017-1037
SUSE Linux Enterprise Desktop 12 SP3
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-extra >= 7.6_1.18.3-71.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA xorg-x11-server
SUSE Linux Enterprise Server 11 SP4
  • xorg-x11-Xvnc >= 7.4-27.118.1
  • xorg-x11-server >= 7.4-27.118.1
  • xorg-x11-server-extra >= 7.4-27.118.1
Patchnames:
slessp4-xorg-x11-server-13186
SUSE Linux Enterprise Server 12 SP2
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-extra >= 7.6_1.18.3-71.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-2017-1037
SUSE Linux Enterprise Server 12 SP3
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-extra >= 7.6_1.18.3-71.1
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA xorg-x11-server
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-extra >= 7.6_1.18.3-71.1
Patchnames:
SUSE-SLE-RPI-12-SP2-2017-1037
SUSE Linux Enterprise Software Development Kit 11 SP4
  • xorg-x11-server >= 7.4-27.118.1
  • xorg-x11-server-sdk >= 7.4-27.118.1
Patchnames:
sdksp4-xorg-x11-server-13186
SUSE Linux Enterprise Software Development Kit 12 SP2
  • xorg-x11-server >= 7.6_1.18.3-71.1
  • xorg-x11-server-sdk >= 7.6_1.18.3-71.1
Patchnames:
SUSE-SLE-SDK-12-SP2-2017-1037
SUSE Linux Enterprise Software Development Kit 12 SP3
  • xorg-x11-server-sdk >= 7.6_1.18.3-71.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA xorg-x11-server-sdk
openSUSE Leap 42.2
  • xorg-x11-server >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-debuginfo >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-debugsource >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-extra >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-extra-debuginfo >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-sdk >= 7.6_1.18.3-12.15.2
  • xorg-x11-server-source >= 7.6_1.18.3-12.15.2
Patchnames:
openSUSE-2017-710
openSUSE Leap 42.3
  • xorg-x11-server >= 7.6_1.18.3-17.1
  • xorg-x11-server-extra >= 7.6_1.18.3-17.1
  • xorg-x11-server-sdk >= 7.6_1.18.3-17.1
Patchnames:
openSUSE Leap 42.3 GA xorg-x11-server


Status of this issue by product and package

Product(s) Source package State
SUSE Linux Enterprise Desktop 12 SP1 xorg-x11 Unsupported
SUSE Linux Enterprise Desktop 12 SP1 xorg-x11-server Unsupported
SUSE Linux Enterprise Desktop 12 SP2 xorg-x11 Not affected
SUSE Linux Enterprise Desktop 12 SP2 xorg-x11-server Released
SUSE Linux Enterprise SDK 11 SP4 xorg-x11-server Released
SUSE Linux Enterprise SDK 12 SP1 xorg-x11-server Unsupported
SUSE Linux Enterprise SDK 12 SP2 xorg-x11-server Released
SUSE Linux Enterprise Server 11 SP4 xorg-x11 Not affected
SUSE Linux Enterprise Server 11 SP4 xorg-x11-server Released
SUSE Linux Enterprise Server 12 SP1 xorg-x11 Unsupported
SUSE Linux Enterprise Server 12 SP1 xorg-x11-server Unsupported
SUSE Linux Enterprise Server 12 SP2 xorg-x11 Not affected
SUSE Linux Enterprise Server 12 SP2 xorg-x11-server Released
SUSE Linux Enterprise Server 12 SP2 for Raspberry Pi xorg-x11-server Released