Bug 1003000 - (CVE-2016-7947) VUL-0: CVE-2016-7947, CVE-2016-7948: libXrandr: insufficient validation of data can cause out of boundary memory writes.
(CVE-2016-7947)
VUL-0: CVE-2016-7947, CVE-2016-7948: libXrandr: insufficient validation of da...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/173139/
CVSSv2:SUSE:CVE-2016-7948:5.1:(AV:N/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-10-05 08:56 UTC by Johannes Segitz
Modified: 2017-10-26 07:21 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-10-05 08:56:41 UTC
Insufficient validation of data from the X server can cause out of boundary memory writes.

Affected versions: libXrandr <= 1.5.0

Upstream fix: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6

CVE-2016-7947 for all of the integer overflows
CVE-2016-7948 for all of the other mishandling of the reply data.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7947
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7948
http://seclists.org/oss-sec/2016/q4/17
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html
https://access.redhat.com/security/cve/cve-2016-5407
Comment 1 Stefan Dirsch 2016-10-05 13:44:07 UTC
Fix submitrequested for SUSE:SLE-12-SP2:GA (also covers Leap 42.2).
Comment 4 Swamp Workflow Management 2016-10-05 22:01:15 UTC
bugbot adjusting priority
Comment 5 Swamp Workflow Management 2016-10-12 13:09:12 UTC
SUSE-SU-2016:2505-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
SUSE Linux Enterprise Server 12-SP1 (src):    libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
SUSE Linux Enterprise Desktop 12-SP1 (src):    libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
Comment 7 Bernhard Wiedemann 2016-10-17 14:00:37 UTC
This is an autogenerated message for OBS integration:
This bug (1003000) was mentioned in
https://build.opensuse.org/request/show/435727 42.1 / libXrandr
Comment 8 Swamp Workflow Management 2016-10-23 22:09:27 UTC
openSUSE-SU-2016:2600-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Sources used:
openSUSE Leap 42.1 (src):    libX11-1.6.3-6.1, libXfixes-5.0.1-7.1, libXi-1.7.5-3.1, libXrandr-1.5.0-3.1, libXrender-0.9.9-3.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.9-3.1
Comment 9 Andreas Stieger 2016-11-17 13:40:42 UTC
SLE done, openSUSE 13.2 remains affected
Comment 10 Stefan Dirsch 2016-11-17 13:46:24 UTC
(In reply to Andreas Stieger from comment #9)
> SLE done, openSUSE 13.2 remains affected

Why SLE done? I stopped working on this security update long time ago.
Comment 12 Swamp Workflow Management 2016-11-17 17:08:28 UTC
SUSE-SU-2016:2828-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Server 12-SP2 (src):    libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
Comment 14 Stefan Dirsch 2016-11-22 14:55:41 UTC
Thanks. This is very useful. Now I can continue working on this. :-)
Comment 15 Bernhard Wiedemann 2016-11-24 11:00:40 UTC
This is an autogenerated message for OBS integration:
This bug (1003000) was mentioned in
https://build.opensuse.org/request/show/441817 13.2 / libXrandr
https://build.opensuse.org/request/show/441818 42.2 / libXrandr
Comment 17 Stefan Dirsch 2016-11-29 16:41:43 UTC
sle10 also done. Reassigning to security team.
Comment 19 Swamp Workflow Management 2016-11-30 10:19:06 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2016-12-14.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63232
Comment 20 Swamp Workflow Management 2016-12-07 14:08:46 UTC
openSUSE-SU-2016:3034-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002998,1003000
CVE References: CVE-2016-7942,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948
Sources used:
openSUSE Leap 42.2 (src):    libXrandr-1.5.0-5.1
openSUSE Leap 42.1 (src):    libX11-1.6.3-9.1, libXi-1.7.5-6.1
openSUSE 13.2 (src):    libX11-1.6.2-5.6.1, libXi-1.7.4-2.3.1, libXrandr-1.4.2-4.3.1, libxcb-1.11-2.5.1
Comment 22 Swamp Workflow Management 2016-12-16 21:07:35 UTC
SUSE-SU-2016:3189-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002998,1003000,1003012,1003023
CVE References: CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    xorg-x11-libs-7.4-8.26.49.1
SUSE Linux Enterprise Server 11-SP4 (src):    xorg-x11-libs-7.4-8.26.49.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    xorg-x11-libs-7.4-8.26.49.1
Comment 23 Bernhard Wiedemann 2017-05-29 16:00:36 UTC
This is an autogenerated message for OBS integration:
This bug (1003000) was mentioned in
https://build.opensuse.org/request/show/499416 Factory / libXrandr
Comment 24 Marcus Meissner 2017-10-26 07:21:26 UTC
released