Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-2624

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.

Published

2018-07-27T18:29:00.827

Last Modified

2024-11-21T03:23:51.390

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 5.9 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:N/A:N

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

3.4

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-385
Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	x.org	xorg-server	≤ 1.19.4	Yes
Operating System	debian	debian_linux	7.0	Yes

References

http://www.securityfocus.com/bid/96480 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1037919 Third Party Advisory, VDB Entry ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624 Exploit, Issue Tracking, Third Party Advisory ([email protected])
https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c Patch, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html Third Party Advisory ([email protected])
https://security.gentoo.org/glsa/201704-03 Third Party Advisory ([email protected])
https://security.gentoo.org/glsa/201710-30 Third Party Advisory ([email protected])
https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ Exploit, Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/96480 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1037919 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624 Exploit, Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201704-03 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201710-30 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)