Wind River Support Network

HomeDefectsLIN1022-6255
Fixed

LIN1022-6255 : Security Advisory - xserver-xorg - CVE-2023-6816

Created: Jan 16, 2024    Updated: Feb 18, 2025
Resolved Date: Mar 19, 2024
Found In Version: 10.22.33.1
Fix Version: 10.22.33.15
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

https://nvd.nist.gov/vuln/detail/CVE-2023-6816

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube