CVE-2023-43787

Name
CVE-2023-43787
Description
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://access.redhat.com/security/cve/CVE-2023-43787
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2242254
MISC https://security.netapp.com/advisory/ntap-20231103-0006/
secalert@redhat.com http://www.openwall.com/lists/oss-security/2024/01/24/9
secalert@redhat.com https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2145
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2973

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:* libx11 >= None < 1.8.7

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libx11 3.15-main 1.7.3.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
libx11 3.18-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.17-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.16-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
libx11 3.19-main 1.8.7-r0 Natanael Copa <ncopa@alpinelinux.org> fixed