QwikSec

Security Database

CVE

CWE

Training

CVE-2018-14598

Published: Aug 24, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

https://bugzilla.suse.com/show_bug.cgi?id=1102073

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_BID

https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e83722768fd5c467ef61fa159e8c6278770b45c2

x_refsource_CONFIRM

[oss-security] 20180821 X.Org security advisory: August 21, 2018

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_SECTRACK

[debian-lts-announce] 20180829 [SECURITY] [DLA 1482-1] libx11 security update

mailing-list

x_refsource_MLIST

[xorg-announce] 20180821 libX11 1.6.6

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

FEDORA-2019-6a756fe3a5

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.