CVE-2023-43785

2023-10-1013:15:21

Debian Security Bug Tracker

security-tracker.debian.org

vulnerability

libx11

out-of-bounds

read

memory

system

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.

OSVersionArchitecturePackageVersionFilename
Debian12alllibx11< 2:1.8.4-2+deb12u2libx11_2:1.8.4-2+deb12u2_all.deb
Debian11alllibx11< 2:1.7.2-1+deb11u2libx11_2:1.7.2-1+deb11u2_all.deb
Debian10alllibx11< 2:1.6.7-1+deb10u4libx11_2:1.6.7-1+deb10u4_all.deb
Debian999alllibx11< 2:1.8.7-1libx11_2:1.8.7-1_all.deb
Debian13alllibx11< 2:1.8.7-1libx11_2:1.8.7-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	libx11	< 2:1.8.4-2+deb12u2	libx11_2:1.8.4-2+deb12u2_all.deb
Debian	11	all	libx11	< 2:1.7.2-1+deb11u2	libx11_2:1.7.2-1+deb11u2_all.deb
Debian	10	all	libx11	< 2:1.6.7-1+deb10u4	libx11_2:1.6.7-1+deb10u4_all.deb
Debian	999	all	libx11	< 2:1.8.7-1	libx11_2:1.8.7-1_all.deb
Debian	13	all	libx11	< 2:1.8.7-1	libx11_2:1.8.7-1_all.deb