The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xdmx-tools": "2:1.15.1-0ubuntu2.4", "xnest": "2:1.15.1-0ubuntu2.4", "xvfb": "2:1.15.1-0ubuntu2.4", "xdmx": "2:1.15.1-0ubuntu2.4", "xserver-xorg-core-dbg": "2:1.15.1-0ubuntu2.4", "xserver-xorg-dev": "2:1.15.1-0ubuntu2.4", "xorg-server-source": "2:1.15.1-0ubuntu2.4", "xserver-xorg-core": "2:1.15.1-0ubuntu2.4", "xserver-common": "2:1.15.1-0ubuntu2.4", "xserver-xorg-core-udeb": "2:1.15.1-0ubuntu2.4", "xserver-xephyr": "2:1.15.1-0ubuntu2.4", "xserver-xorg-xmir": "2:1.15.1-0ubuntu2.4" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xorg-server-source-lts-utopic": "2:1.16.0-1ubuntu1.2~trusty2", "xserver-xephyr-lts-utopic": "2:1.16.0-1ubuntu1.2~trusty2", "xwayland-lts-utopic": "2:1.16.0-1ubuntu1.2~trusty2", "xserver-xorg-core-lts-utopic": "2:1.16.0-1ubuntu1.2~trusty2", "xserver-xorg-dev-lts-utopic": "2:1.16.0-1ubuntu1.2~trusty2", "xserver-xorg-core-lts-utopic-dbg": "2:1.16.0-1ubuntu1.2~trusty2" } ] }