PT-2023-6642 · Unknown+9 · Xorg-X11-Server+9

Jan-Niklas Sohn · Published 2023-10-25 · Updated 2025-01-27 · CVE-2023-5380

CVSS v3.1: 4.7 Medium

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

xorg-x11-server (affected versions not specified)

Description

A use-after-free flaw was found in xorg-x11-server. It can cause an X server crash in a very specific legacy configuration known as Zaphod mode, a multi-screen setup with multiple protocol screens. The issue occurs when the pointer is warped from within a window on one screen to the root window of the other screen, the original window is then destroyed, and another window is destroyed afterwards. Exploitation of this flaw may allow an attacker to cause a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2024:2169
ALSA-2024:2298
ALSA-2024:2995
ALSA-2024:3067
ALT-PU-2023-6607
ALT-PU-2023-6974
ALT-PU-2023-7278
ALT-PU-2023-8421
ALT-PU-2024-3261
AZL-31704
AZL-44376
BDU:2023-07412
CESA-2024_2995
CESA-2024_3067
CVE-2023-5380
DLA-3631-1
DSA-5534-1
INFSA-2024_2169
INFSA-2024_2298
INFSA-2024_2995
INFSA-2024_3067
MGASA-2023-0307
MGASA-2023-0321
OESA-2023-1795
OPENSUSE-SU-2023_4272-1
OPENSUSE-SU-2023_4292-1
OPENSUSE-SU-2023_4338-1
OPENSUSE-SU-2024:13362-1
RHSA-2023:7428
RHSA-2023_7428
RHSA-2024:2169
RHSA-2024:2298
RHSA-2024:2995
RHSA-2024:3067
RHSA-2024_2169
RHSA-2024_2298
RHSA-2024_2995
RHSA-2024_3067
ROSA-SA-2024-2325
ROSA-SA-2025-2575
ROSA-SA-2025-2576
SUSE-SU-2023:4269-1
SUSE-SU-2023:4272-1
SUSE-SU-2023:4292-1
SUSE-SU-2023:4338-1
USN-6453-1
USN-6453-2
ZDI-23-1806

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Suse
Ubuntu
Xorg-X11-Server