Lucene search
FreeBSD734B8F46-773D-4FEF-BED3-61114FE8E4C5HistoryJun 15, 2023 - 12:00 a.m.
libX11 -- Sub-object overflows
2023-06-1500:00:00
vuxml.freebsd.org
8
x.org
buffer overflows
libx11
0.0005 Low
EPSS
Percentile
17.2%
The X.Org project reports:
Buffer overflows in InitExt.c in libX11 prior to 1.8.6 [CVE-2023-3138]
The functions in src/InitExt.c in libX11 prior to 1.8.6 do not check
that the values provided for the Request, Event, or Error IDs are
within the bounds of the arrays that those functions write to, using
those IDs as array indexes. Instead they trusted that they were called
with values provided by an Xserver that was adhering to the bounds
specified in the X11 protocol, as all X servers provided by X.Org do.
As the protocol only specifies a single byte for these values, an
out-of-bounds value provided by a malicious server (or a malicious
proxy-in-the-middle) can only overwrite other portions of the Display
structure and not write outside the bounds of the Display structure
itself. Testing has found it is possible to at least cause the client
to crash with this memory corruption.
Related
nessus
nessus
EulerOS 2.0 SP9 : libX11 (EulerOS-SA-2023-2619)
2023-08-08 00:00:00
Debian DSA-5433-1 : libx11 - security update
2023-06-21 00:00:00
osv
osv
libx11 - security update
2023-06-26 00:00:00
libx11 vulnerability
2023-06-20 10:12:13
libx11 - security update
2023-06-21 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5433-1)
2023-06-22 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2023-2790)
2023-09-11 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2023-2862)
2023-09-20 00:00:00
redos
redos
ROS-20230622-07
2023-06-22 00:00:00
ubuntu
ubuntu
libx11 vulnerability
2023-06-15 00:00:00
libx11 vulnerability
2023-06-20 00:00:00
redhat
redhat
(RHSA-2023:6497) Moderate: libX11 security update
2023-11-07 06:07:06
(RHSA-2024:1417) Moderate: libX11 security update
2024-03-19 16:35:33
(RHSA-2023:7029) Moderate: libX11 security update
2023-11-14 08:43:20
rosalinux
rosalinux
Advisory ROSA-SA-2024-2343
2024-02-14 10:40:07
debiancve
debiancve
CVE-2023-3138
2023-06-28 21:15:10
amazon
amazon
Medium: libX11
2023-07-17 17:39:00
Medium: libX11
2023-07-13 23:57:00
cloudfoundry
cloudfoundry
USN-6168-2: libx11 vulnerability | Cloud Foundry
2023-08-04 00:00:00
USN-6168-1: libx11 vulnerability | Cloud Foundry
2023-06-29 00:00:00
debian
debian
[SECURITY] [DSA 5433-1] libx11 security update
2023-06-21 09:28:13
[SECURITY] [DLA 3472-1] libx11 security update
2023-06-26 16:21:42
cbl_mariner
cbl_mariner
CVE-2023-3138 affecting package libX11 for versions less than 1.6.12-6
2023-08-03 02:51:21
veracode
veracode
Denial Of Service (DoS)
2023-07-03 04:53:32
prion
prion
Memory corruption
2023-06-28 21:15:00
alpinelinux
alpinelinux
CVE-2023-3138
2023-06-28 21:15:10
almalinux
almalinux
Moderate: libX11 security update
2023-11-14 00:00:00
Moderate: libX11 security update
2023-11-07 00:00:00
ubuntucve
ubuntucve
CVE-2023-3138
2023-06-15 00:00:00
mageia
mageia
Updated libx11 packages fix security vulnerability
2023-06-28 08:21:41
oraclelinux
oraclelinux
libX11 security update
2023-11-11 00:00:00
libX11 security update
2023-11-17 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: libX11-1.8.6-1.fc38
2023-06-18 01:30:52
cve
cve
CVE-2023-3138
2023-06-28 21:15:10
redhatcve
redhatcve
CVE-2023-3138
2023-06-15 19:14:32
cvelist
cvelist
CVE-2023-3138
2023-06-28 00:00:00
slackware
slackware
[slackware-security] libX11
2023-06-15 19:02:40
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0029
2023-06-16 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0410
2023-06-16 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0599
2023-06-17 00:00:00
ibm
ibm
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00