Covert Timing Channel

CVE-2017-2624

Medium

5.9/10

Summary

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-385 - Covert Timing Channel

Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.

References

Advisory Timeline

Published Jul 27, 2018

Covert Timing Channel

CVE-2017-2624

Summary

CWE-385 - Covert Timing Channel

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS