Red Hat Bugzilla – Bug 1473204
CVE-2017-10971 xorg-x11-server: Stack overflow in the endianness conversion of X Events
Last modified: 2017-08-16 04:03:59 EDT
In the X.Org X server, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.
Created xorg-x11-server tracking bugs for this issue:
Affects: fedora-all [bug 1473206]
Since the Xorg server is compiled with stack-smashing protection, it looks like executing arbitrary code in the context of the X server (root) involves guessing the stack canary, which can be extremely difficult to pull off; hence the maximum impact of this flaw is an X server crash.