CVE-2023-43787

CVE-2023-43787

Name

CVE-2023-43787

Description

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://access.redhat.com/security/cve/CVE-2023-43787
MISC	https://bugzilla.redhat.com/show_bug.cgi?id=2242254
MISC	https://security.netapp.com/advisory/ntap-20231103-0006/

Type

URI

MISC

https://access.redhat.com/security/cve/CVE-2023-43787

MISC

https://bugzilla.redhat.com/show_bug.cgi?id=2242254

MISC

https://security.netapp.com/advisory/ntap-20231103-0006/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:x.org:libx11::::::::`	libx11	>= None	< 1.8.7

CPE URI

Source package

Min version

Max version

cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:*

libx11

>= None

< 1.8.7

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libx11	edge-main	1.8.7-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libx11	3.15-main	1.7.3.1-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
libx11	3.18-main	1.8.7-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libx11	3.17-main	1.8.7-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libx11	3.16-main	1.8.7-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
libx11	3.19-main	1.8.7-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

libx11

edge-main

1.8.7-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

libx11

3.15-main