Mageia 8, 9 MGASA-2023-0287 Critical: libX11 Flaws Leading to DoS
mageia
October 13, 2023
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function
Summary
A vulnerability was found in libX11 due to a boundary condition within
the _XkbReadKeySyms() function. This flaw allows a local user to trigger
an out-of-bounds read error and read the contents of memory on the
system. (CVE-2023-43785)
A vulnerability was found in libX11 due to an infinite loop within the
PutSubImage() function. This flaw allows a local user to consume all
available system resources and cause a denial of service condition.
(CVE-2023-43786)
A vulnerability was found in libX11 due to an integer overflow within
the XCreateImage() function. This flaw allows a local user to trigger an
integer overflow and execute arbitrary code with elevated privileges.
(CVE-2023-43787)
References
- https://bugs.mageia.org/show_bug.cgi?id=32358
- https://www.openwall.com/lists/oss-security/2023/10/03/1
- https://www.cve.org/CVERecord?id=CVE-2023-43785
- https://www.cve.org/CVERecord?id=CVE-2023-43786
- https://www.cve.org/CVERecord?id=CVE-2023-43787
Topics Covered
Resolution
SRPMS
- 9/core/libx11-1.8.6-1.1.mga9
- 8/core/libx11-1.7.0-1.5.mga8
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 13 Oct 2023
URL: https://advisories.mageia.org/MGASA-2023-0287.html
Type: security
CVE: CVE-2023-43785,
CVE-2023-43786,
CVE-2023-43787
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!