Heap Overflow Vulnerability in X.Org Server
CVE-2023-6816

9.8 CRITICAL

Summary

A heap overflow was identified in the X.Org Server in the handling of the DeviceFocusEvent and XIQueryPointer reply structures. Both structures carry a bit for each logical button that is currently pressed, and a button can be mapped to any numerical value up to 255. The server, however, only allocates enough space for the buttons the device is actually configured with, so a button value larger than that configuration causes a write beyond the allocated buffer. The flaw can lead to unauthorized access and instability, so affected users should apply the available patches and updates promptly.

Affected Version(s)

  • Red Hat Enterprise Linux 7 0:1.20.4-27.el7_9

  • Red Hat Enterprise Linux 7 0:1.8.0-31.el7_9

  • Red Hat Enterprise Linux 8 0:1.13.1-2.el8_9.7

References

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved

Collectors

NVD Database, Mitre Database

Credit

Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.