RED HAT Red Hat Enterprise Linux 9 v0:1.13.1-3.el9_3.3 - 3 CVEs

CVE-2023-6478

A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.

UNKNOWN CVSS 7.6 Published Dec 13, 2023

CVE-2023-6377

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

UNKNOWN CVSS 7.8 Published Dec 13, 2023

CVE-2023-5367

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

UNKNOWN CVSS 7.8 Published Oct 25, 2023

Version 0:1.13.1-3.el9_3.3

Known Vulnerabilities

CVE-2023-6478

CVE-2023-6377

CVE-2023-5367