
CVE-2023-6816

Status Candidate

Overview

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

Related Files

Ubuntu Security Notice USN-6587-5
Posted Mar 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-5 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6478, CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 9f02a5fba82a37e9433c20a481152b829c57eaf4483d36e161436fe7547bf8f0
Ubuntu Security Notice USN-6587-4
Posted Feb 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-4 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete, resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 6280234da702462a9a8a5cb22d88ea81607160120dbeb11971118a38e1bb841f
Red Hat Security Advisory 2024-0629-03
Posted Feb 1, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0629-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 0be26d707c8347b067acc72363593d063c3ac3f09a77cc38900425f97fdd4052
Red Hat Security Advisory 2024-0626-03
Posted Feb 1, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0626-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 4474995e9c62e738acb59b23d6c2dd6de802500c616331932285c94d89d08dd0
Red Hat Security Advisory 2024-0617-03
Posted Feb 1, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0617-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 884d8b31358a8286375da98846d99c9a28959a0bb674099082a4ba50ea5ae3f8
Gentoo Linux Security Advisory 202401-30
Posted Jan 31, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution. Versions greater than or equal to 21.1.11 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2023-5367, CVE-2023-5380, CVE-2023-6377, CVE-2023-6478, CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 545eafd3a0b182303f26482ca1690edf1334c8c351327115bef40159e3e46634
Ubuntu Security Notice USN-6587-3
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-3 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete, resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Olivier Fourdan discovered that the X.Org X Server incorrectly handled the cursor code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | b4b93cec425e2cc7f4d786e873efc8d2eb7ef34f9060a322512d712a2d7cef3d
Red Hat Security Advisory 2024-0621-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0621-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | f18175acaf0693f798700213fb7cd51ba2f962066dc66fe91c7091c47f6c9685
Red Hat Security Advisory 2024-0614-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0614-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 95ebac90019eaa1a93aba2483b95e229e8df3f6018c0f6813960fc7c5cd016ce
Red Hat Security Advisory 2024-0607-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0607-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 5748db682b1ab1d886a62fa8246b580e5e8a06ce10cafd796093d972cb650400
Red Hat Security Advisory 2024-0597-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0597-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | be9fa0bd0f280e9c45fec80c6b39c443ea0214870db58c9b0426c43a3be43a0e
Red Hat Security Advisory 2024-0558-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0558-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | 75e094a39a04c0683b0f44c2ce6b8fb8f9c007c0c5972ee48bfee18eddbb9daa
Red Hat Security Advisory 2024-0557-03
Posted Jan 31, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0557-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | d3bd58cc07ec2542183b99070361ed0fa70ccb717be144cc0c39bafed82ab376
Debian Security Advisory 5603-1
Posted Jan 24, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 65170e720390016746938ce39410c03723012788646a60ef3f1d3cd9788338a3
Red Hat Security Advisory 2024-0320-03
Posted Jan 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2023-6816
SHA-256 | ea0d633deac53fab5218ded7a2a0b64dbba7b1f698321e0e370fc673650e570a
Ubuntu Security Notice USN-6587-2
Posted Jan 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | a2f2ac645eb8776253c7cf930c98b38768999c8680aec52b641d1aada93ccae6
Ubuntu Security Notice USN-6587-1
Posted Jan 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | 9e771ae2522191e3721e1568b4add1932dbd79c4d7b52382405ad35220601d21