Lucene search

K
mageiaGentoo FoundationMGASA-2023-0287
HistoryOct 14, 2023 - 1:56 a.m.

Updated libX11 packages fix security vulnerabilities

2023-10-1401:56:51
Gentoo Foundation
advisories.mageia.org
20
libx11
boundary condition
out-of-bounds read
memory
cve-2023-43785
infinite loop
denial of service
cve-2023-43786
integer overflow
arbitrary code
elevated privileges
cve-2023-43787
unix

EPSS

0

Percentile

5.1%

A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. (CVE-2023-43785) A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. (CVE-2023-43786) A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges. (CVE-2023-43787)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchlibx11< 1.7.0-1.5libx11-1.7.0-1.5.mga8
Mageia9noarchlibx11< 1.8.6-1.1libx11-1.8.6-1.1.mga9