Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-5367

Опубликовано: 25 окт. 2023
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
Версия до 21.1.9 (исключая)
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
Версия до 23.2.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

EPSS

Процентиль: 20%
0.00064
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2023-5367

CVSS3: 7.8
ubuntu
больше 1 года назад

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

redhat логотип

CVE-2023-5367

CVSS3: 7.8
redhat
больше 1 года назад

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

msrc логотип

CVE-2023-5367

CVSS3: 7.8
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2023-5367

CVSS3: 7.8
debian
больше 1 года назад

A out-of-bounds write flaw was found in the xorg-x11-server. This issu ...

github логотип

GHSA-q38f-wwqq-rr3v

CVSS3: 7.8
github
больше 1 года назад

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

EPSS

Процентиль: 20%
0.00064
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787