Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-1393

Опубликовано: 30 мар. 2023
Источник: ubuntu
Приоритет: medium
CVSS3: 7.8

Описание

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

esm-apps/bionic

needs-triage

esm-apps/focal

released

1.10.1+dfsg-3ubuntu0.20.04.1
esm-apps/jammy

released

1.12.0+dfsg-4ubuntu0.22.04.1
esm-apps/noble

not-affected

focal

released

1.10.1+dfsg-3ubuntu0.20.04.1
jammy

released

1.12.0+dfsg-4ubuntu0.22.04.1
lunar

released

1.12.0+dfsg-8ubuntu0.23.04.1
mantic

released

1.12.0+dfsg-8ubuntu0.23.10.1

Показывать по

РелизСтатусПримечание
bionic

released

2:1.19.6-1ubuntu4.15
devel

released

2:21.1.7-1ubuntu3
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

released

2:1.19.6-1ubuntu4.15
esm-infra/focal

released

2:1.20.13-1ubuntu1~20.04.8
esm-infra/xenial

needs-triage

focal

released

2:1.20.13-1ubuntu1~20.04.8
jammy

released

2:21.1.3-2ubuntu2.9
kinetic

released

2:21.1.4-2ubuntu1.7
lunar

released

2:21.1.7-1ubuntu3

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

released

2:1.20.8-2ubuntu2.2~18.04.11
esm-infra/bionic

released

2:1.20.8-2ubuntu2.2~18.04.11
esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

released

2:22.1.8-1ubuntu1
esm-infra/focal

DNE

focal

DNE

jammy

released

2:22.1.1-1ubuntu0.6
kinetic

released

2:22.1.3-2ubuntu0.4
lunar

released

2:22.1.8-1ubuntu1
mantic

released

2:22.1.8-1ubuntu1
noble

released

2:22.1.8-1ubuntu1
oracular

released

2:22.1.8-1ubuntu1

Показывать по

Ссылки на источники

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-1393

CVSS3: 7.8
redhat
больше 2 лет назад

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

nvd логотип

CVE-2023-1393

CVSS3: 7.8
nvd
больше 2 лет назад

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

msrc логотип

CVE-2023-1393

CVSS3: 7.8
msrc
около 1 года назад

Описание отсутствует

debian логотип

CVE-2023-1393

CVSS3: 7.8
debian
больше 2 лет назад

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may ...

suse-cvrf логотип

SUSE-SU-2023:1716-1

suse-cvrf
больше 2 лет назад

Security update for xwayland

7.8 High

CVSS3

Уязвимость CVE-2023-1393