Описание
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Отчет
Xorg server does not run with root privileges in Red Hat Enterprise Linux 8 and 9, therefore Red Hat Enterprise Linux 8 and 9 have been rated with Moderate severity.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | tigervnc | Out of support scope | ||
| Red Hat Enterprise Linux 6 | xorg-x11-server | Out of support scope | ||
| Red Hat Enterprise Linux 7 | tigervnc | Fixed | RHSA-2023:0045 | 09.01.2023 |
| Red Hat Enterprise Linux 7 | xorg-x11-server | Fixed | RHSA-2023:0046 | 09.01.2023 |
| Red Hat Enterprise Linux 8 | xorg-x11-server-Xwayland | Fixed | RHSA-2023:2805 | 16.05.2023 |
| Red Hat Enterprise Linux 8 | xorg-x11-server | Fixed | RHSA-2023:2806 | 16.05.2023 |
| Red Hat Enterprise Linux 8 | tigervnc | Fixed | RHSA-2023:2830 | 16.05.2023 |
| Red Hat Enterprise Linux 9 | xorg-x11-server | Fixed | RHSA-2023:2248 | 09.05.2023 |
| Red Hat Enterprise Linux 9 | xorg-x11-server-Xwayland | Fixed | RHSA-2023:2249 | 09.05.2023 |
| Red Hat Enterprise Linux 9 | tigervnc | Fixed | RHSA-2023:2257 | 09.05.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This security flaw occurs because ...
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
Уязвимость функции XkbCopyNames реализации протокола Wayland для X.Org XWayland, реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.8 High
CVSS3