Bug 2242254 (CVE-2023-43787) - CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap overflow
Summary: CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap o...
Keywords:
Status: NEW
Alias: CVE-2023-43787
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2243046
Blocks: 2240180
TreeView+ depends on / blocked
 
Reported: 2023-10-05 07:23 UTC by Dhananjay Arunesh
Modified: 2024-05-22 09:24 UTC (History)
1 user (show)

Fixed In Version: libX11 1.8.7
Doc Type: ---
Doc Text:
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:2145 0 None None None 2024-04-30 09:39:36 UTC
Red Hat Product Errata RHSA-2024:2973 0 None None None 2024-05-22 09:24:26 UTC

Description Dhananjay Arunesh 2023-10-05 07:23:09 UTC
A vulnerability was found in libX11 where the vulnerability exists due to integer overflow within the XCreateImage() function, a local user can trigger integer overflow and execute arbitrary code with elevated privileges.

Comment 2 Sandipan Roy 2023-10-10 12:03:23 UTC
Created libX11 tracking bugs for this issue:

Affects: fedora-all [bug 2243046]

Comment 4 errata-xmlrpc 2024-04-30 09:39:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2145 https://access.redhat.com/errata/RHSA-2024:2145

Comment 5 errata-xmlrpc 2024-05-22 09:24:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:2973 https://access.redhat.com/errata/RHSA-2024:2973


Note You need to log in before you can comment on or make changes to this bug.