CVE-2017-13723

2017-10-1001:30:21

Google

osv.dev

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.

CPENameOperatorVersion
xservereqDomain-sync4
xorg-servereq1.7.1-r0
xorg-servereq1.13.0-r0
xservereqXORG-6_99_99_901
xorg-servereq1.9.2-r0
xservereqbefore-mesa-4_0-import
xservereqxorg-server-1.14.99.3
xservereqxf-4_0d
xorg-servereq1.11.1-r0
xservereqxf-4_0_2-bindist

Name	Operator	Version
xserver	eq	Domain-sync4
xorg-server	eq	1.7.1-r0
xorg-server	eq	1.13.0-r0
xserver	eq	XORG-6_99_99_901
xorg-server	eq	1.9.2-r0
xserver	eq	before-mesa-4_0-import
xserver	eq	xorg-server-1.14.99.3
xserver	eq	xf-4_0d
xorg-server	eq	1.11.1-r0
xserver	eq	xf-4_0_2-bindist