Bugzilla – Bug 1003002
VUL-0: CVE-2016-7949, CVE-2016-7950: xorg-x11-libXrender, libXrender: Insufficient validation of data length can cause out of boundary memory writes.
Last modified: 2017-10-26 07:21:35 UTC
Insufficient validation of data from the X server can cause out of boundary memory writes. Affected version: libXrender <= 0.9.9 CVE-2016-7949 Upstream fix: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4 Validate lengths while parsing server data. CVE-2016-7950 Upstream fix: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=8fad00b0b647ee662ce4737ca15be033b7a21714 Avoid OOB write in XRenderQueryFilters References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7949 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7950 http://seclists.org/oss-sec/2016/q4/17 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7949.html http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7950.html https://access.redhat.com/security/cve/cve-2016-5407
Fix submitrequested for SUSE:SLE-12-SP2:GA (also covers Leap 42.2).
bugbot adjusting priority
SUSE-SU-2016:2505-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023 CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2 SUSE Linux Enterprise Server 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2 SUSE Linux Enterprise Desktop 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
This is an autogenerated message for OBS integration: This bug (1003002) was mentioned in https://build.opensuse.org/request/show/435726 42.1 / libXrender
openSUSE-SU-2016:2600-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023 CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953 Sources used: openSUSE Leap 42.1 (src): libX11-1.6.3-6.1, libXfixes-5.0.1-7.1, libXi-1.7.5-3.1, libXrandr-1.5.0-3.1, libXrender-0.9.9-3.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.9-3.1
openSUSE 13.2 remains affected. SLE 11 xorg-x11-libXrender tracked as affected.
(In reply to Andreas Stieger from comment #8) > openSUSE 13.2 remains affected. > SLE 11 xorg-x11-libXrender tracked as affected. Of course. I stopped working on this sec. update a long time ago.
SUSE-SU-2016:2828-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023 CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1 SUSE Linux Enterprise Server 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1 SUSE Linux Enterprise Desktop 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
https://lists.freedesktop.org/archives/xorg-devel/2016-October/051686.html https://lists.freedesktop.org/archives/xorg-devel/2016-October/051687.html https://lists.freedesktop.org/archives/xorg-devel/2016-October/051688.html Will these help? Thats what I found so far from upstream acknowleding the previously introduced memleaks.
Thanks. This is very useful. Now I can continue working on this. :-)
This is an autogenerated message for OBS integration: This bug (1003002) was mentioned in https://build.opensuse.org/request/show/441820 13.2 / libXrender
sle10 also done. Reassigning to security team.
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-12-14. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63232
openSUSE-SU-2016:3036-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1003002 CVE References: CVE-2016-7949,CVE-2016-7950 Sources used: openSUSE 13.2 (src): libXrender-0.9.8-4.3.1
SUSE-SU-2016:3115-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1003002 CVE References: CVE-2016-7949,CVE-2016-7950 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): xorg-x11-libXrender-7.4-1.20.1 SUSE Linux Enterprise Server 11-SP4 (src): xorg-x11-libXrender-7.4-1.20.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): xorg-x11-libXrender-7.4-1.20.1
released