CVE-2023-5380
Xorg-x11-server: use-after-free bug in destroywindow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.
Se encontró una falla de use-after-free en el servidor xorg-x11. Puede ocurrir una falla del servidor X en una configuración muy específica y heredada (una configuración de múltiples pantallas con múltiples pantallas de protocolo, también conocida como modo Zaphod) si el puntero se deforma desde dentro de una ventana en una pantalla a la ventana raíz de la otra pantalla y si la ventana original se destruye y luego se destruye otra ventana.
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the handling of Window objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-10-04 CVE Reserved
- 2023-10-25 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (17)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://lists.x.org/archives/xorg-announce/2023-October/003430.html | 2024-05-22 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7428 | 2024-05-22 | |
https://access.redhat.com/errata/RHSA-2024:2169 | 2024-05-22 | |
https://access.redhat.com/errata/RHSA-2024:2298 | 2024-05-22 | |
https://access.redhat.com/errata/RHSA-2024:2995 | 2024-05-22 | |
https://access.redhat.com/errata/RHSA-2024:3067 | 2024-05-22 | |
https://access.redhat.com/security/cve/CVE-2023-5380 | 2024-05-22 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2244736 | 2024-05-22 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
X.org Search vendor "X.org" | X Server Search vendor "X.org" for product "X Server" | < 21.1.9 Search vendor "X.org" for product "X Server" and version " < 21.1.9" | - |
Affected
| ||||||
X.org Search vendor "X.org" | Xwayland Search vendor "X.org" for product "Xwayland" | < 23.2.2 Search vendor "X.org" for product "Xwayland" and version " < 23.2.2" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 39 Search vendor "Fedoraproject" for product "Fedora" and version "39" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 12.0 Search vendor "Debian" for product "Debian Linux" and version "12.0" | - |
Affected
|