Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-43789
HistoryOct 03, 2023 - 12:00 a.m.

CVE-2023-43789

2023-10-0300:00:00
ubuntu.com
ubuntu.com
9
libxpm
boundary condition
out-of-bounds read
memory access
motif
vendored copy
unix

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%

A vulnerability was found in libXpm where a vulnerability exists due to a
boundary condition, a local user can trigger an out-of-bounds read error
and read contents of memory on the system.

Notes

Author Note
alexmurray motif contains a vendored copy of libxpm under lib/Xm/ with files prefixed by Xpm eg. the file src/parse.c in libxpm is lib/Xm/Xpmparse.c
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlibxpm< 1:3.5.12-1ubuntu0.18.04.2+esm1UNKNOWN
ubuntu20.04noarchlibxpm< 1:3.5.12-1ubuntu0.20.04.2UNKNOWN
ubuntu22.04noarchlibxpm< 1:3.5.12-1ubuntu0.22.04.2UNKNOWN
ubuntu23.04noarchlibxpm< 1:3.5.12-1.1ubuntu0.1UNKNOWN
ubuntu23.10noarchlibxpm< 1:3.5.12-1.1ubuntu1UNKNOWN
ubuntu24.04noarchlibxpm< 1:3.5.12-1.1ubuntu1UNKNOWN
ubuntu14.04noarchlibxpm< 1:3.5.10-1ubuntu0.1+esm2UNKNOWN
ubuntu16.04noarchlibxpm< 1:3.5.11-1ubuntu0.16.04.1+esm2UNKNOWN
ubuntu18.04noarchmotif< anyUNKNOWN
ubuntu20.04noarchmotif< anyUNKNOWN
Rows per page:
1-10 of 141

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

5.1%