A stack-based buffer overflow was found in the ParseColors() function of libXm. This vulnerability is caused by the unchecked use of the unsafe API function strcat() and can be triggered via a specially crafted XPM icon with long color strings. The flaw was demonstrated to be exploitable by local unprivileged users via the dtprintinfo setuid binary to achieve local privilege escalation to root on Solaris 10.

*NOTE* The dtprintinfo setuid binary is not distributed with Red Hat Enterprise Linux. Red Hat never provided support for CDE (Common Desktop Environment). See https://access.redhat.com/solutions/5547801 for more information.

References:
https://security.humanativaspa.it/nothing-new-under-the-sun/
https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt
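Added illustration, not libXm's code and not the exploit from the advisory: a cut-down parser for the key/value part of an XPM colour-table line (the text after the pixel characters, e.g. "c #FF0000 m white s dot") that shows the unchecked-concatenation shape described above next to a bounded version that rejects a value that would not fit. The function names (gather_value_unsafe, gather_value_safe, parse_color_line_safe, color_line_entries, color_entry_is), the 32-byte CURBUF_SIZE and the sample colour lines are all constructed for this example; the vulnerable variant is kept only for comparison and is never fed the oversized sample.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Fixed buffer that gathers one colour value. Deliberately small so the
 * overflow condition is easy to hit; the pattern is the same with a larger
 * buffer (example constant, not libXm's). */
#define CURBUF_SIZE 32
#define MAX_KEY 4

/* XPM colour-key tokens (c, m, g, g4, s): each one starts a new colour value. */
static bool is_color_key(const char *tok, size_t len)
{
    static const char *const keys[] = { "c", "m", "g", "g4", "s" };
    for (size_t i = 0; i < sizeof keys / sizeof keys[0]; i++)
        if (strlen(keys[i]) == len && memcmp(keys[i], tok, len) == 0)
            return true;
    return false;
}

/* Next whitespace-delimited token at *p; advances *p past it. NULL at end. */
static const char *next_token(const char **p, size_t *len)
{
    *p += strspn(*p, " \t");
    if (**p == '\0')
        return NULL;
    const char *start = *p;
    *len = strcspn(*p, " \t");
    *p += *len;
    return start;
}

/* Vulnerable shape (the 'before'): value words are glued into a fixed stack
 * buffer with strcat()/strncat(), whose count bounds the source rather than
 * the destination, so nothing checks curbuf's size. Comparison only; never
 * call it on untrusted input. */
static void gather_value_unsafe(const char **p, char curbuf[CURBUF_SIZE])
{
    const char *tok, *mark = *p;
    size_t len;
    curbuf[0] = '\0';
    while ((tok = next_token(p, &len)) != NULL && !is_color_key(tok, len)) {
        if (curbuf[0] != '\0')
            strcat(curbuf, " ");     /* unchecked */
        strncat(curbuf, tok, len);   /* unchecked with respect to curbuf */
        mark = *p;
    }
    *p = mark;                       /* leave the next key token for the caller */
}

/* Hardened version: same loop, but every append is checked against the space
 * left in curbuf. Returns 0 on success, -1 if the value would not fit. */
static int gather_value_safe(const char **p, char *curbuf, size_t cursz)
{
    const char *tok, *mark = *p;
    size_t len, used = 0;
    curbuf[0] = '\0';
    while ((tok = next_token(p, &len)) != NULL && !is_color_key(tok, len)) {
        size_t need = len + (used ? 1 : 0);
        if (need > cursz - 1 - used)     /* one byte reserved for the NUL */
            return -1;
        if (used)
            curbuf[used++] = ' ';
        memcpy(curbuf + used, tok, len);
        used += len;
        curbuf[used] = '\0';
        mark = *p;
    }
    *p = mark;
    return 0;
}

/* Parses "<key> <value...> [<key> <value...>]..." into keys[i]/values[i].
 * Returns the entry count, or -1 on an oversized value, an unexpected token,
 * or more than max entries. */
int parse_color_line_safe(const char *line, char keys[][MAX_KEY],
                          char values[][CURBUF_SIZE], size_t max)
{
    const char *p = line, *tok;
    size_t len, n = 0;
    while ((tok = next_token(&p, &len)) != NULL) {
        if (!is_color_key(tok, len) || n >= max)
            return -1;
        memcpy(keys[n], tok, len);
        keys[n][len] = '\0';
        if (gather_value_safe(&p, values[n], CURBUF_SIZE) < 0)
            return -1;
        n++;
    }
    return (int)n;
}

/* Helpers for checking results: entry count (or -1), and whether entry idx
 * has the given key and value. */
int color_line_entries(const char *line)
{
    char k[8][MAX_KEY], v[8][CURBUF_SIZE];
    return parse_color_line_safe(line, k, v, 8);
}

int color_entry_is(const char *line, size_t idx, const char *key, const char *value)
{
    char k[8][MAX_KEY], v[8][CURBUF_SIZE];
    int n = parse_color_line_safe(line, k, v, 8);
    return n > 0 && idx < (size_t)n && strcmp(k[idx], key) == 0 && strcmp(v[idx], value) == 0;
}

int main(void)
{
    char curbuf[CURBUF_SIZE];
    const char *p = "Navy Blue m white";     /* constructed, short: safe to gather */
    gather_value_unsafe(&p, curbuf);
    printf("unsafe gathered: \"%s\"\n", curbuf);
    /* Constructed colour line with a 40-byte colour name: the kind of input
     * the report describes. The bounded parser rejects it instead of overflowing. */
    printf("hardened parser: %d\n",
           color_line_entries("c AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
    return 0;
}
```

The check that matters is the one in gather_value_safe: the space still free in the destination is computed before each append, and the function fails closed rather than trusting the caller's buffer to be big enough. strncat's count argument does not provide that check, which is why the unsafe variant is no better than plain strcat().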
Created libXpm tracking bugs for this issue: Affects: fedora-all [bug 2163814]
Note that this issue is in libXm (i.e. Motif), not libXpm, the X11 Pixmap library.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-24039