Test ID:	1.3.6.1.4.1.25623.1.0.883178
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for xorg-x11-drv-ati (CESA-2019:2079)
Summary:	The remote host is missing an update for the 'xorg-x11-drv-ati'; package(s) announced via the CESA-2019:2079 advisory.
Description:	Summary: The remote host is missing an update for the 'xorg-x11-drv-ati' package(s) announced via the CESA-2019:2079 advisory. Vulnerability Insight: X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598) * libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599) * libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) * libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857) * libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853) * libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854) * libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855) * libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856) * libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859) * libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861) * libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862) * libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash (CVE-2018-15863) * libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. Affected Software/OS: 'xorg-x11-drv-ati' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14598 BugTraq ID: 105177 http://www.securityfocus.com/bid/105177 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGARUV66TS5OOSLR5A76BUB7SDV6GO4F/ https://security.gentoo.org/glsa/201811-01 https://lists.debian.org/debian-lts-announce/2018/08/msg00030.html http://www.openwall.com/lists/oss-security/2018/08/21/6 https://lists.x.org/archives/xorg-announce/2018-August/002916.html RedHat Security Advisories: RHSA-2019:2079 https://access.redhat.com/errata/RHSA-2019:2079 http://www.securitytracker.com/id/1041543 https://usn.ubuntu.com/3758-1/ https://usn.ubuntu.com/3758-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-14599 Common Vulnerability Exposure (CVE) ID: CVE-2018-14600 Common Vulnerability Exposure (CVE) ID: CVE-2018-15853 https://security.gentoo.org/glsa/201810-05 https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://usn.ubuntu.com/3786-1/ https://usn.ubuntu.com/3786-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-15854 https://github.com/xkbcommon/libxkbcommon/commit/e3cacae7b1bfda0d839c280494f23284a1187adf Common Vulnerability Exposure (CVE) ID: CVE-2018-15855 https://github.com/xkbcommon/libxkbcommon/commit/917636b1d0d70205a13f89062b95e3a0fc31d4ff Common Vulnerability Exposure (CVE) ID: CVE-2018-15856 https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1 Common Vulnerability Exposure (CVE) ID: CVE-2018-15857 https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb Common Vulnerability Exposure (CVE) ID: CVE-2018-15859 https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html Common Vulnerability Exposure (CVE) ID: CVE-2018-15861 https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9 Common Vulnerability Exposure (CVE) ID: CVE-2018-15862 https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371 Common Vulnerability Exposure (CVE) ID: CVE-2018-15863 https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d Common Vulnerability Exposure (CVE) ID: CVE-2018-15864 https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.