MGASA-2017-0137

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-7875

Published: 10 May 2017, 20:47

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

10 May 2017, 20:47

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated feh package fixes security vulnerability Updated feh package to fix a double-free/OOB-write in E17 IPC. This was a potential security issue as a malicious X11 app running alongside feh and pretending to be an E17 window manager could have had access to out-of-bound memory. Security vulnerability: CVE-2017-7875

Affected Systems

mageia•feh
< 2.18.3-1.mga5

References (4)

https://advisories.mageia.org/MGASA-2017-0137.html
https://bugs.mageia.org/show_bug.cgi?id=20775
https://feh.finalrewind.org/
https://lists.opensuse.org/opensuse-updates/2017-05/msg00000.html