vulnerability

Oracle Linux: CVE-2017-2625: ELSA-2017-1865: X.org X11 libraries security, bug fix and enhancement update (MODERATE)

Try Surface Command
Back to search
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 28, 2017
Added
Aug 8, 2017
Modified
Dec 3, 2025

Description

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.

Solutions

oracle-linux-upgrade-drm-utilsoracle-linux-upgrade-libdrmoracle-linux-upgrade-libdrm-develoracle-linux-upgrade-libepoxyoracle-linux-upgrade-libepoxy-develoracle-linux-upgrade-libevdevoracle-linux-upgrade-libevdev-develoracle-linux-upgrade-libevdev-utilsoracle-linux-upgrade-libfontencoracle-linux-upgrade-libfontenc-develoracle-linux-upgrade-libiceoracle-linux-upgrade-libice-develoracle-linux-upgrade-libinputoracle-linux-upgrade-libinput-develoracle-linux-upgrade-libvdpauoracle-linux-upgrade-libvdpau-develoracle-linux-upgrade-libvdpau-docsoracle-linux-upgrade-libwacomoracle-linux-upgrade-libwacom-dataoracle-linux-upgrade-libwacom-develoracle-linux-upgrade-libx11oracle-linux-upgrade-libx11-commonoracle-linux-upgrade-libx11-develoracle-linux-upgrade-libxaworacle-linux-upgrade-libxaw-develoracle-linux-upgrade-libxcboracle-linux-upgrade-libxcb-develoracle-linux-upgrade-libxcb-docoracle-linux-upgrade-libxcursororacle-linux-upgrade-libxcursor-develoracle-linux-upgrade-libxdmcporacle-linux-upgrade-libxdmcp-develoracle-linux-upgrade-libxfixesoracle-linux-upgrade-libxfixes-develoracle-linux-upgrade-libxfontoracle-linux-upgrade-libxfont2oracle-linux-upgrade-libxfont2-develoracle-linux-upgrade-libxfont-develoracle-linux-upgrade-libxioracle-linux-upgrade-libxi-develoracle-linux-upgrade-libxkbcommonoracle-linux-upgrade-libxkbcommon-develoracle-linux-upgrade-libxkbcommon-x11oracle-linux-upgrade-libxkbcommon-x11-develoracle-linux-upgrade-libxkbfileoracle-linux-upgrade-libxkbfile-develoracle-linux-upgrade-libxpmoracle-linux-upgrade-libxpm-develoracle-linux-upgrade-libxrandroracle-linux-upgrade-libxrandr-develoracle-linux-upgrade-libxrenderoracle-linux-upgrade-libxrender-develoracle-linux-upgrade-libxtoracle-linux-upgrade-libxt-develoracle-linux-upgrade-libxtstoracle-linux-upgrade-libxtst-develoracle-linux-upgrade-libxvoracle-linux-upgrade-libxv-develoracle-linux-upgrade-libxvmcoracle-linux-upgrade-libxvmc-develoracle-linux-upgrade-libxxf86vmoracle-linux-upgrade-libxxf86vm-develoracle-linux-upgrade-mesa-dri-driversoracle-linux-upgrade-mesa-filesystemoracle-linux-upgrade-mesa-libegloracle-linux-upgrade-mesa-libegl-develoracle-linux-upgrade-mesa-libgbmoracle-linux-upgrade-mesa-libgbm-develoracle-linux-upgrade-mesa-libgloracle-linux-upgrade-mesa-libglapioracle-linux-upgrade-mesa-libgl-develoracle-linux-upgrade-mesa-libglesoracle-linux-upgrade-mesa-libgles-develoracle-linux-upgrade-mesa-libosmesaoracle-linux-upgrade-mesa-libosmesa-develoracle-linux-upgrade-mesa-libxatrackeroracle-linux-upgrade-mesa-libxatracker-develoracle-linux-upgrade-mesa-private-llvmoracle-linux-upgrade-mesa-private-llvm-develoracle-linux-upgrade-mesa-vulkan-driversoracle-linux-upgrade-vulkanoracle-linux-upgrade-vulkan-develoracle-linux-upgrade-vulkan-filesystemoracle-linux-upgrade-xcb-protooracle-linux-upgrade-xkeyboard-configoracle-linux-upgrade-xkeyboard-config-develoracle-linux-upgrade-xorg-x11-proto-devel

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today