ubuntu · CVE-2014-8091

Quick triage

Priority: medium Published: 2014-12-09 00:00:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-8091 medium priority: Ubuntu including 6 source packages (nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates, xorg-server, xorg-server-lts-trusty), 30 status rows across 5 suites (lucid, precise, trusty, upstream, utopic): released 21, DNE 7, ignored 1, needs-triage 1.

Description:

X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a crafted connection request.

cvelogic Threat Intelligence