Medium: libXpm

🗓️ 05 Dec 2023 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 26 Views

libXpm out of bounds read in XpmCreateXpmImageFromBuffer(). Update libXpm to fix CVE-2023-4378

Reporter	Title	Published	Views	Family All 181
FreeBSD	x11/libXpm multiple vulnerabilities	22 Sep 202300:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2023-381)	24 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libXpm (ALAS-2023-2295)	20 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libXpm (ALAS-2023-1894)	5 Dec 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0107: libXpm (ALINUX3-SA-2024:0107)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0142: motif (ALINUX3-SA-2024:0142)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 8 : libXpm (CESA-2024:2974)	22 May 202400:00	–	nessus
Tenable Nessus	CentOS 8 : motif (CESA-2024:3022)	22 May 202400:00	–	nessus
Tenable Nessus	Debian dla-3603 : libxpm-dev - security update	5 Oct 202300:00	–	nessus
Tenable Nessus	Debian DSA-5516-1 : libxpm - security update	5 Oct 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	1	i686	libxpm	3.5.10-2.13.amzn1	libXpm-3.5.10-2.13.amzn1.i686.rpm
Amazon Linux	1	x86_64	libxpm	3.5.10-2.13.amzn1	libXpm-3.5.10-2.13.amzn1.x86_64.rpm
Amazon Linux	1	i686	libxpm-debuginfo	3.5.10-2.13.amzn1	libXpm-debuginfo-3.5.10-2.13.amzn1.i686.rpm
Amazon Linux	1	x86_64	libxpm-debuginfo	3.5.10-2.13.amzn1	libXpm-debuginfo-3.5.10-2.13.amzn1.x86_64.rpm
Amazon Linux	1	i686	libxpm-devel	3.5.10-2.13.amzn1	libXpm-devel-3.5.10-2.13.amzn1.i686.rpm
Amazon Linux	1	x86_64	libxpm-devel	3.5.10-2.13.amzn1	libXpm-devel-3.5.10-2.13.amzn1.x86_64.rpm

05 Dec 2023 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.15.5

EPSS0.00021

SSVC

libxpm out of bounds read xpmcreatexpmimagefrombuffer update cve-2023-43788