CVE-2015-0255

Description

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.

Affected packages (3)

• Debian/xorg-serverfrom 0, < 2:1.16.4-1
• Debian/xorg-serverfrom 0, < 2:1.7.7-18+deb6u2
• Debian/xorg-serverfrom 0, < 2:1.12.4-6+deb7u6

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-0255