CVE-2023-6816

Published: 18/01/2024 Updated: 07/03/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

This vulnerability allows local malicious users to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of SetInputFocus requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.

Vulnerable Product

x.org xwayland

x.org xorg-server

fedoraproject fedora 39

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

debian debian linux 10.0

Vendor Advisories

Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has ra ...
Synopsis: Important: xorg-x11-server security update. Type/Severity: Security Advisory: Important. Topic: An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this upd ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has ra ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has ra ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 T ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enter ...
Synopsis: Important: tigervnc security update. Type/Severity: Security Advisory: Important. Topic: An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having ...
Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
NOTE: lists.x.org/archives/xorg/2024-January/061525.html
NOTE: gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3 (CVE-2023-6816)
Reattaching to different master device may lead to out-of-bounds memory access
NOTE: lists.x.org/a ...