Bug 1381931 (CVE-2016-5407)
| Summary: | CVE-2016-5407 libXv: Insufficient validation of server responses results in out-of bounds accesses | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | btissoir, huzaifas, kbost, sandmann, slawomir |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libXv 1.0.11 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-08 02:59:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1381932 | ||
| Bug Blocks: | 1381939 | ||
|
Description
Andrej Nemec
2016-10-05 11:37:58 UTC
Created libXv tracking bugs for this issue: Affects: fedora-all [bug 1381932] Analysis: This issue stem from the client libraries trusting the server to send correct protocol data, and not verifying that the values will not overflow or cause other damage. Most of the time X clients & servers are run by the same user, with the server more privileged than the clients, under these circumstances this flaw should be non-exploitable, unless the attacker is able to run a MITM attack and impersonate a legitimate X server. |