CVE-2023-43785

Name
CVE-2023-43785
Description
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2242252
MISC https://access.redhat.com/security/cve/CVE-2023-43785
MISC https://security.netapp.com/advisory/ntap-20231103-0006/
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2145
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2973

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:* libx11 >= None < 1.8.7

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libx11 3.15-main 1.7.3.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
libx11 3.18-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.17-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.16-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.19-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed