4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.063 Low
EPSS
Percentile
93.7%
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver
and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC)
authentication credentials, does not check the return value of a malloc
call, which allows remote attackers to cause a denial of service (NULL
pointer dereference and server crash) via a crafted connection request.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-304 | < 304.125-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-304 | < 304.125-0ubuntu0.0.1 | UNKNOWN |
ubuntu | 14.10 | noarch | nvidia-graphics-drivers-304 | < 304.125-0ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-304-updates | < 304.125-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-304-updates | < 304.125-0ubuntu0.0.1 | UNKNOWN |
ubuntu | 14.10 | noarch | nvidia-graphics-drivers-304-updates | < 304.125-0ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-331 | < 331.113-0ubuntu0.0.0.3 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-331 | < 331.113-0ubuntu0.0.4 | UNKNOWN |
ubuntu | 14.10 | noarch | nvidia-graphics-drivers-331 | < 331.113-0ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-331-updates | < 331.113-0ubuntu0.0.0.3 | UNKNOWN |
nvidia.custhelp.com/app/answers/detail/a_id/3610/kw/3610
www.x.org/wiki/Development/Security/Advisory-2014-12-09/
launchpad.net/bugs/cve/CVE-2014-8091
nvd.nist.gov/vuln/detail/CVE-2014-8091
security-tracker.debian.org/tracker/CVE-2014-8091
ubuntu.com/security/notices/USN-2436-1
ubuntu.com/security/notices/USN-2438-1
www.cve.org/CVERecord?id=CVE-2014-8091