Errata ALT-PU-2023-6468-2: Information

Package name: libX11
Version: 1.8.7-alt1
Bulletin updated: Oct. 24, 2023
Task: #332139

Fixes

Published: Oct. 10, 2023

BDU:2023-06816

Уязвимость функции XCreateImage() библиотеки предоставления клиентского API для X Window System libX11, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Oct. 10, 2023

BDU:2023-06817

Уязвимость функции PutSubImage() библиотеки предоставления клиентского API для X Window System libX11, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 10, 2023
Modified: May 22, 2024

CVE-2023-43785

A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Links:
Published: Oct. 10, 2023
Modified: May 22, 2024

CVE-2023-43786

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 10, 2023
Modified: May 22, 2024

CVE-2023-43787

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top