PT-2023-8962 · Unknown+10 · Xorg-Server+10

Jan-Niklas Sohn

+1

·

Publicado

2023-12-12

·

Atualizado

2025-08-04

·

CVE-2023-6478

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions xorg-server (affected versions not specified)
Description A flaw was found in xorg-server, where a specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow, potentially leading to the disclosure of sensitive information. This issue may allow a remote attacker to exploit the vulnerability and disclose confidential information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALSA-2024:0010
ALSA-2024:0018
ALSA-2024:2169
ALSA-2024:2170
ALSA-2024:2995
ALSA-2024:2996
ALT-PU-2023-8033
ALT-PU-2023-8034
ALT-PU-2023-8035
ALT-PU-2024-3261
ALT-PU-2024-4743
ALT-PU-2024-4745
AZL-32180
AZL-45192
BDU:2024-02764
CESA-2024_0006
CESA-2024_0009
CESA-2024_0018
CESA-2024_2995
CESA-2024_2996
CVE-2023-6478
DLA-3686-1
DSA-5576-1
INFSA-2024_2169
INFSA-2024_2170
INFSA-2024_2995
INFSA-2024_2996
MGASA-2024-0009
OESA-2023-1951
OESA-2024-1548
OESA-2024-1556
OESA-2024-1557
OPENSUSE-SU-2023_4787-1
OPENSUSE-SU-2023_4788-1
OPENSUSE-SU-2023_4791-1
OPENSUSE-SU-2024:13512-1
OPENSUSE-SU-2024:13513-1
RHSA-2023:7886
RHSA-2024:0006
RHSA-2024:0009
RHSA-2024:0010
RHSA-2024:0014
RHSA-2024:0015
RHSA-2024:0016
RHSA-2024:0017
RHSA-2024:0018
RHSA-2024:0020
RHSA-2024:2169
RHSA-2024:2170
RHSA-2024:2995
RHSA-2024:2996
RHSA-2024_0006
RHSA-2024_0009
RHSA-2024_0010
RHSA-2024_0018
RHSA-2024_2169
RHSA-2024_2170
RHSA-2024_2995
RHSA-2024_2996
RHSA-2025:12751
ROSA-SA-2024-2324
ROSA-SA-2025-2566
ROSA-SA-2025-2575
ROSA-SA-2025-2576
SUSE-SU-2023:4787-1
SUSE-SU-2023:4788-1
SUSE-SU-2023:4789-1
SUSE-SU-2023:4790-1
SUSE-SU-2023:4791-1
SUSE-SU-2023:4792-1
USN-6555-1
USN-6555-2
USN-6587-5
ZDI-24-009

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Red Hat
Red Os
Suse
Ubuntu
Xorg-Server