Vulnerability Details : CVE-2018-14598
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
Vulnerability category: Memory CorruptionInput validationDenial of service
Products affected by CVE-2018-14598
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-14598
0.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14598
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2018-14598
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-14598
-
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=e83722768fd5c467ef61fa159e8c6278770b45c2
xorg/lib/libX11 - libX11 GIT Repository (mirrored from https://gitlab.freedesktop.org/xorg/lib/libx11)Patch;Third Party Advisory
-
https://usn.ubuntu.com/3758-2/
USN-3758-2: libx11 vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/105177
X.Org libX11 'ListExt.c' Multiple Denial of Service VulnerabilitiesThird Party Advisory;VDB Entry
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGARUV66TS5OOSLR5A76BUB7SDV6GO4F/
[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28 - package-announce - Fedora Mailing-ListsMailing List;Release Notes;Third Party Advisory
-
https://security.gentoo.org/glsa/201811-01
X.Org X11 library: Multiple vulnerabilities (GLSA 201811-01) — Gentoo securityThird Party Advisory
-
https://usn.ubuntu.com/3758-1/
USN-3758-1: libx11 vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/08/msg00030.html
[SECURITY] [DLA 1482-1] libx11 security updateThird Party Advisory
-
http://www.securitytracker.com/id/1041543
X.org libX11 Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.suse.com/show_bug.cgi?id=1102073
Bug 1102073 – VUL-0: CVE-2018-14598: libX11,xorg-x11-libX11, xorg-x11: crash on invalid reply in XListExtensionsIssue Tracking;Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2079
RHSA-2019:2079 - Security Advisory - Red Hat Customer Portal
-
https://lists.x.org/archives/xorg-announce/2018-August/002916.html
[ANNOUNCE] libX11 1.6.6Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2018/08/21/6
oss-security - X.Org security advisory: August 21, 2018Mailing List;Third Party Advisory
Jump to