CVE-2023-46751

An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer...

CVE-2023-46751

CVE-2023-46751 affects Ghostscript; the issue is a dangling pointer in gdev_prn_open_printer_seekable() that could crash the application when processing malformed documents. The vulnerability is remotely triggerable and has been addressed in various advisories. Public details corroborate that Gho...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

PT-2023-8195 · Artifex +9 · Artifex Ghostscript +9

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions through 10.02.0 Description: An issue was discovered in the function gdev prn open printer seekable that allows remote attackers to crash the application via a dangling pointer, which is related to the use of memo...

SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SLE 15 SP4) (SUSE-SU-2023:4165-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4165-1 advisory. - A use-after-free flaw was found in the Linux kernel's Netfilter functionality when adding a rule with NFTARULECHAINID. This flaw allows a loc...

AZL-31697 CVE-2023-4623 affecting package kernel for versions less than 5.15.135.1-2

A use-after-free vulnerability in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e. with the HFSCFSC flag set has a parent without a link-sharing curve, then initvf will call...

EulerOS Virtualization 3.0.6.0 : xorg-x11-server (EulerOS-SA-2023-2234)

According to the versions of the xorg-x11-server packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due ...

xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...

kernel: fs: dlm: fix invalid derefence of sb_lvbptr

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack and have sblvbptr field to a dangled pointer while not using DLMLKFVALBLK. It will crash with the following kernel message, the...

ROS-20230419-03

The X.Org Server vulnerability is related to a post-release exploit bug where, when handling the deletion of a of a window, Xserver leaves a dangling pointer to that window in the CompScreen structure. Exploitation of the vulnerability could allow an attacker to cause a post-release usage error a...

Advisory ROSA-SA-2023-2154

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: 1.8.0-25 CVE-ID: CVE-2023-1393 BDU-ID: None CVE-Crit: HIGH CVE-DESC: Use-After-Free can result in elevated local privileges. If a client explicitly destroys a linker overlay window also known as COW, Xserver will leave a dangling pointe...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

Fedora 37 : xorg-x11-server-Xwayland (2023-eb3c27ff25)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-eb3c27ff25 advisory. xwayland 22.1.9 Security fix for CVE-2023-1393 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

DEBIAN-CVE-2023-1393

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2023:1680-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:1680-1 advisory. - A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the...