CVE-2023-6816

Name
CVE-2023-6816
Description
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
NVD Severity
unknown

References

Type URI
secalert@redhat.com https://access.redhat.com/security/cve/CVE-2023-6816
secalert@redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2257691
secalert@redhat.com http://www.openwall.com/lists/oss-security/2024/01/18/1
secalert@redhat.com https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
secalert@redhat.com https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0320
secalert@redhat.com https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0557
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0558
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0597
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0607
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0614
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0621
secalert@redhat.com https://security.gentoo.org/glsa/202401-30
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0617
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0626
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:0629
secalert@redhat.com https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/
secalert@redhat.com https://security.netapp.com/advisory/ntap-20240307-0006/
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2169
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2170
secalert@redhat.com https://access.redhat.com/errata/RHSA-2024:2996

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:* | xorg-server | >= None | < 21.1.11 |
| cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:* | xwayland | >= None | < 23.2.4 |

Vulnerable and fixed packages

Source package Branch Version Maintainer Status