13 matches found
Astra Linux - vulnerability in libx11
A vulnerability was discovered in libX11. The security flaw arises because the functions in src/InitExt.c of libX11 do not check whether the values provided for the Request, Event, or Error IDs are within the bounds of the arrays to which those functions refer, by using those IDs as array indexes...
MiracleLinux 8 : libX11-1.6.8-6.el8 (AXSA:2023-7235:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7235:02 advisory. libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow (CVE-2023-3138). Tenable has...
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...
RHEL 9 : libX11 (RHSA-2024:1088)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1088 advisory. The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: InitExt.c can overwrite unintended portions of the Display...
Denial Of Service (DoS)
libX11.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to memory corruption in multiple functions of src/InitExt.c: they do not check array limits properly, causing an out-of-bounds access that allows an attacker to crash the application...
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.
...
ALPINE-CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...
SUSE: Security Advisory (SUSE-SU-2023:2614-1)
The remote host is missing an update for the...
CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...
[slackware-security] libX11
New libX11 packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libX11-1.8.6-i586-1slack15.0.txz: Upgraded. This update fixes buffer overflows in InitExt.c that could at least...
X.Org libX11 buffer error vulnerability
X.Org libX11 is an X11 X Window System client library from the X.org Foundation. A security vulnerability exists in X.Org libX11 that stems from not checking the values of Request, Event, and Error IDs in src/InitExt.c. The vulnerability is caused by the following...
PT-2023-3418 · Libx11 +9
Name of the Vulnerable Software and Affected Versions: libX11 versions prior to 1.8.6 Description: A security flaw was found in libX11 due to functions in src/InitExt.c not checking if the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those function...
UBUNTU-CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...