Wind River Support Network

HomeDefectsLIN1019-10786
Fixed

LIN1019-10786 : Security Advisory - xserver-xorg - CVE-2023-6816

Created: Jan 16, 2024    Updated: Dec 11, 2024
Resolved Date: Feb 1, 2024
Found In Version: 10.19.45.1
Fix Version: 10.19.45.31
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

https://nvd.nist.gov/vuln/detail/CVE-2023-6816

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube