CVE-2023-43785

Name
CVE-2023-43785
Description
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
issue-tracking https://bugzilla.redhat.com/show_bug.cgi?id=2242252
vdb-entry https://access.redhat.com/security/cve/CVE-2023-43785
MISC https://security.netapp.com/advisory/ntap-20231103-0006/
vendor-advisory https://access.redhat.com/errata/RHSA-2024:2145
vendor-advisory https://access.redhat.com/errata/RHSA-2024:2973

Match rules

CPE URI Source package Min version Max version
cpe:/a:redhat:enterprise_linux:8::appstream shopxo >= 0:1.6.8-8.el8 < *
cpe:/a:redhat:enterprise_linux:9::appstream shopxo >= 0:1.7.0-9.el9 < *

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libx11 3.15-main 1.7.3.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
libx11 3.18-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.17-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.16-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.19-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed