Home

CVE-2017-13723

Description

In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or malformed XKB related atoms and accessing them via xkbcomp.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.136

Associated Vulnerability

VulnerabilityOS Platform
X.Org X11 server (USN-3453-1) xserver-xorg-core_1.18.4-0ubuntu0.6_i386.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core_1.18.4-0ubuntu0.6_amd64.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core_1.19.3-1ubuntu1.2_i386.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core_1.19.3-1ubuntu1.2_amd64.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core-hwe-16.04_1.19.3-1ubuntu1~16.04.3_i386.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core-hwe-16.04_1.19.3-1ubuntu1~16.04.3_amd64.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core-lts-xenial_1.18.3-1ubuntu2.3~trusty3_i386.debLinux
X.Org X11 server (USN-3453-1) xserver-xorg-core-lts-xenial_1.18.3-1ubuntu2.3~trusty3_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234