Published: 10/10/2023 Updated: 30/04/2024

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.

Vulnerable Product	Search on Vulmon	Subscribe to Product
x.org libx11
redhat enterprise linux 8.0
redhat enterprise linux 9.0
fedoraproject fedora 38

Multiple security vulnerabilities were discovered in libx11, the X11 client-side library, which may result in denial of service or the execution of arbitrary code For the oldstable distribution (bullseye), these problems have been fixed in version 2:172-1+deb11u2 For the stable distribution (bookworm), these problems have been fixed in version ...

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function This flaw allows a local user to consume all available system resources and cause a denial of service condition (CVE-2023-43786) ...

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function This flaw allows a local user to consume all available system resources and cause a denial of service condition (CVE-2023-43786) libX11: integer overflow in XCreateImage() leading to a heap overflow (CVE-2023-43787) libXpm: out of bounds read on XPM wit ...

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function This flaw allows a local user to consume all available system resources and cause a denial of service condition (CVE-2023-43786) ...

DescriptionA vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function This flaw allows a local user to consume all available system resources and cause a denial of service conditionA vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function This flaw allows a local user ...

oss-sec mailing list archives   By Date By Thread </form>    Re: Fwd: XOrg Security Advisory: Issues in libX11 prior to 187 & libXpm prior to 3517  <!- ...

CVE-2023-43786 Proof-of-Concept Overview This is a DoS Proof-of-Concept of libX11 Denial of Service vulnerability CVE-2023-43786 It will trigger the integer overflow and cause an infinite loop The vulnerable versions are: libX11 186 and below and libXpm 3516 For a comprehensive understanding, check out the accompanying blog post for in-depth details Dependencies A vuln

CWE-835 https://access.redhat.com/security/cve/CVE-2023-43786 https://bugzilla.redhat.com/show_bug.cgi?id=2242253 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/https://security.netapp.com/advisory/ntap-20231103-0006/http://www.openwall.com/lists/oss-security/2024/01/24/9 https://access.redhat.com/errata/RHSA-2024:2145 https://www.debian.org/security/2023/dsa-5517 https://nvd.nist.gov

CVE-2023-43786

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect