CVE-2016-7951: Integer Overflow

Q: What is the severity of CVE-2016-7951?

CVE-2016-7951 is classified with a medium severity due to potential remote code execution risks.

Q: How do I fix CVE-2016-7951?

To mitigate CVE-2016-7951, update the libXtst library to version 1.2.3 or later.

Q: What are the affected software versions for CVE-2016-7951?

CVE-2016-7951 affects X.org libXtst versions up to and including 1.2.2, as well as Fedora 24 and 25.

Q: What type of vulnerability is CVE-2016-7951?

CVE-2016-7951 is an integer overflow vulnerability.

Q: Can CVE-2016-7951 be exploited remotely?

Yes, CVE-2016-7951 can be exploited by remote X servers due to the lack of proper range checks.

Published Dec 13, 2016

Updated

Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.

Affected Software

3 affected components

Fedoraproject Fedora=24

Fedoraproject Fedora=25

X libXtst<=1.2.2

Remediation

Patch Available

https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3

Event History

Dec 13, 2016

CVE Published

via MITRE·08:00 PM

Data Sourced

via MITRE·08:00 PM

Description

Frequently Asked Questions

What is the severity of CVE-2016-7951?

CVE-2016-7951 is classified with a medium severity due to potential remote code execution risks.

How do I fix CVE-2016-7951?

To mitigate CVE-2016-7951, update the libXtst library to version 1.2.3 or later.

What are the affected software versions for CVE-2016-7951?