CVE-2017-13723

Source
Severity: Medium
Remote: No
Type: Arbitrary code execution
Description
A stack buffer overflow was found in xkbtext.c, which did not safely handle XKB formatted string output because it used a single shared static buffer. The fix introduces a ring of resizable buffers to avoid problems when strings end up longer than anticipated.
This vulnerability may lead to privilege escalation when xorg-server is running with root privileges.
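The "ring of resizable buffers" pattern named in the description, sketched as an added example; this is not the xorg-server patch. The names `ring_get`, `fmt_key_name` and `NUM_BUFFERS` are hypothetical, and the oversized input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NUM_BUFFERS 8          /* hypothetical ring depth */

static struct { char *buf; size_t size; } ring[NUM_BUFFERS];
static unsigned next_slot;

/* Return the next slot in the ring, grown to hold at least `need` bytes. */
static char *ring_get(size_t need)
{
    unsigned i = next_slot;
    next_slot = (next_slot + 1) % NUM_BUFFERS;
    if (ring[i].size < need) {
        char *p = realloc(ring[i].buf, need);
        if (p == NULL)
            return NULL;       /* old buffer stays valid and owned by the ring */
        ring[i].buf = p;
        ring[i].size = need;
    }
    return ring[i].buf;
}

/* Format "<name>" into a ring buffer sized from the measured output length. */
const char *fmt_key_name(const char *name)
{
    int len = snprintf(NULL, 0, "<%s>", name);
    if (len < 0)
        return NULL;
    char *out = ring_get((size_t)len + 1);
    if (out != NULL)
        snprintf(out, (size_t)len + 1, "<%s>", name);
    return out;
}

int main(void)
{
    char longname[600];                       /* constructed oversized input */
    memset(longname, 'A', sizeof(longname) - 1);
    longname[sizeof(longname) - 1] = '\0';
    const char *a = fmt_key_name("AE01");
    const char *b = fmt_key_name(longname);   /* slot grows instead of overflowing */
    printf("%s %zu\n", a, strlen(b));         /* a is still intact after b */
    return 0;
}
```

A returned pointer stays valid only until the ring wraps around, so a caller must not hold more than `NUM_BUFFERS` results at once.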
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-432 | xorg-server | 1.19.3-3 | 1.19.4-1 | Medium | Fixed | |
| Date | Advisory | Group | Package | Severity | Description |
|---|---|---|---|---|---|
| 08 Oct 2017 | ASA-201710-10 | AVG-432 | xorg-server | Medium | multiple issues |
References
https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac