Dangling Pointer Vulnerability in X.Org Leading to Local Privilege Escalation and Remote Code Execution
CVE-2023-0494

7.8HIGH

Key Information:

Vendor: X.org
Status: Xorg-x11-server
Vendor: CVE Published:; 27 March 2023

What is CVE-2023-0494?

A vulnerability exists within X.Org due to a dangling pointer in the DeepCopyPointerClasses function. This flaw allows attackers to exploit methods such as ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to manipulate freed memory. As a result, this could enable local privilege elevation on systems where the X server is run with elevated privileges, as well as potential remote code execution through SSH X forwarding sessions. Users are encouraged to update to patched versions to mitigate these risks and enhance their system's security.

Affected Version(s)

xorg-x11-server xorg-server 21.1.7

References

https://bugzilla.redhat.com/show_bug.cgi?id=2165995

https://lists.x.org/archives/xorg-announce/2023-February/...

https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2023
Vulnerability Reserved
Jan 25, 2023

X.org

What is CVE-2023-0494?

Affected Version(s)

References

CVSS V3.1

Timeline