Lucene search

[email protected]NVD:CVE-2023-0494

HistoryMar 27, 2023 - 9:15 p.m.

CVE-2023-0494

2023-03-2721:15:10

CWE-416

[email protected]

web.nvd.nist.gov

x.org

vulnerability

local privilege elevation

remote code execution

procxkbsetdeviceinfo

procxkbgetdeviceinfo

memory

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.

Affected configurations

NVD

Node

x.orgx_serverRange<21.1.7

Node

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linuxMatch8.1

redhatenterprise_linuxMatch9.0

redhatenterprise_linux_ausMatch8.4

redhatenterprise_linux_ausMatch8.6

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_eusMatch8.4

redhatenterprise_linux_eusMatch8.6

redhatenterprise_linux_eusMatch9.0

redhatenterprise_linux_for_ibm_z_systemsMatch7.0

redhatenterprise_linux_for_ibm_z_systemsMatch8.0

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.4

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.6

redhatenterprise_linux_for_power_big_endianMatch7.0

redhatenterprise_linux_for_power_little_endianMatch7.0

redhatenterprise_linux_for_power_little_endianMatch8.0

redhatenterprise_linux_for_power_little_endianMatch9.0

redhatenterprise_linux_for_power_little_endian_eusMatch8.4

redhatenterprise_linux_for_power_little_endian_eusMatch8.6

redhatenterprise_linux_for_scientific_computingMatch7.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch8.2

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.1

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.2

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.4

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.6

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch9.0

redhatenterprise_linux_server_tusMatch8.2

redhatenterprise_linux_server_tusMatch8.4

redhatenterprise_linux_server_tusMatch8.6

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch8.2

redhatenterprise_linux_server_workstationMatch7.0

References

bugzilla.redhat.com/show_bug.cgi?id=2165995

gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec

lists.x.org/archives/xorg-announce/2023-February/003320.html

security.gentoo.org/glsa/202305-30

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for NVD:CVE-2023-0494