Nixpkgs security tracker
Untriaged
Permalink
CVE-2023-6478
7.6 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): LOW
- Availability impact (A): LOW
Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
References
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
http://www.openwall.com/lists/oss-security/2023/12/13/1 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://security.gentoo.org/glsa/202401-30 x_transferred
-
https://security.netapp.com/advisory/ntap-20240125-0003/ x_transferred
-
https://www.debian.org/security/2023/dsa-5576 x_transferred
Affected products
tigervnc
- *
xwayland
- ==23.2.3
xorg-server
- ==21.1.10
xorg-x11-server
- *
xorg-x11-server-Xwayland
- *