CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
83.2%
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org
allows context-dependent attackers to cause a denial of service (crash) via
a negative bottom value.
Author | Note |
---|---|
mdeslaur | xorg server is actually the xorg-server package the xorg package only contains docs |
jdstrand | patch is straightforward but not yet accepted upstream. Open upstream questions as of 2013/12/18 package for Ubuntu 13.10 is available in saucy-proposed downgrading to low since pixman is already fixed, based on bug feedback |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | xorg-server | < 2:1.11.4-0ubuntu10.17 | UNKNOWN |