CVE-2014-8091

Impact:
Moderate
Public Date:
2014-12-09
CWE:
CWE-252
Bugzilla:
1168680: CVE-2014-8091 xorg-x11-server: denial of service due to unchecked malloc in client authentication
It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request.

Find out more about CVE-2014-8091 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 2.3
Base Metrics AV:A/AC:M/Au:S/C:N/I:N/A:P
Access Vector Adjacent Network
Access Complexity Medium
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (xorg-x11-server) RHSA-2014:1982 2014-12-11
Red Hat Enterprise Linux 6 (xorg-x11-server) RHSA-2014:1983 2014-12-11
Red Hat Enterprise Linux 7 (xorg-x11-server) RHSA-2014:1983 2014-12-11

External References

Last Modified