{ "threat_severity" : "Low", "public_date" : "2018-08-01T00:00:00Z", "bugzilla" : { "description" : "libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c", "id" : "1611599", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1611599" }, "cvss3" : { "cvss3_base_score" : "4.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-122", "details" : [ "_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow." ], "statement" : "This issue affects the versions of libXcursor as shipped with Red Hat Enterprise Linux 5, 6, and 7.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "freeglut-0:3.0.0-8.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libdrm-0:2.4.91-3.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libepoxy-0:1.5.2-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libglvnd-1:1.0.1-0.8.git5baa1e5.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libinput-0:1.10.7-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libwacom-0:0.30-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libX11-0:1.6.5-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libxcb-0:1.13-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libXcursor-0:1.1.15-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libXfont-0:1.5.4-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libXfont2-0:2.0.3-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libXres-0:1.2.0-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "mesa-0:18.0.5-3.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "mesa-demos-0:8.3.0-10.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "tigervnc-0:1.8.0-13.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "vulkan-0:1.1.73.0-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xcb-proto-0:1.13-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xkeyboard-config-0:2.24-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-ati-0:18.0.1-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-dummy-0:0.3.7-1.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-evdev-0:2.10.6-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-fbdev-0:0.5.0-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-intel-0:2.99.917-28.20180530.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-libinput-0:0.27.1-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-mouse-0:1.9.2-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-nouveau-1:1.0.15-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-openchrome-0:0.5.0-3.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-qxl-0:0.1.5-4.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-synaptics-0:1.9.0-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-v4l-0:0.2.0-49.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-vesa-0:2.4.0-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-vmmouse-0:13.1.0-1.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-vmware-0:13.2.1-1.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-void-0:1.4.1-2.el7.1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-drv-wacom-0:0.36.1-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-font-utils-1:7.5-21.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-proto-devel-0:2018.4-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-server-0:1.20.1-3.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-utils-0:7.5-23.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-10-30T00:00:00Z", "advisory" : "RHSA-2018:3059", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xorg-x11-xkb-utils-0:7.7-14.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "libXcursor", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "libXcursor", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "libXcursor", "cpe" : "cpe:/o:redhat:enterprise_linux:8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-9262\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-9262" ], "name" : "CVE-2015-9262", "csaw" : false }