Lucene search
AmazonALAS-2023-1859HistoryOct 12, 2023 - 3:48 p.m.
Medium: libX11
2023-10-1215:48:00
alas.aws.amazon.com
16
libx11
out-of-bounds
heap overflow
update
cve-2023-43785
cve-2023-43787
integer overflow
memory access
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Issue Overview:
libX11: out-of-bounds memory access in _XkbReadKeySyms() (CVE-2023-43785)
libX11: integer overflow in XCreateImage() leading to a heap overflow. (CVE-2023-43787)
Affected Packages:
libX11
Issue Correction:
Run yum update libX11 to update your system.
New Packages:
i686:
libX11-devel-1.6.0-2.2.16.amzn1.i686
libX11-common-1.6.0-2.2.16.amzn1.i686
libX11-1.6.0-2.2.16.amzn1.i686
libX11-debuginfo-1.6.0-2.2.16.amzn1.i686
src:
libX11-1.6.0-2.2.16.amzn1.src
x86_64:
libX11-debuginfo-1.6.0-2.2.16.amzn1.x86_64
libX11-common-1.6.0-2.2.16.amzn1.x86_64
libX11-devel-1.6.0-2.2.16.amzn1.x86_64
libX11-1.6.0-2.2.16.amzn1.x86_64
Additional References
Red Hat: CVE-2023-43785, CVE-2023-43787
Mitre: CVE-2023-43785, CVE-2023-43787
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | libx11-devel | < 1.6.0-2.2.16.amzn1 | libX11-devel-1.6.0-2.2.16.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libx11-common | < 1.6.0-2.2.16.amzn1 | libX11-common-1.6.0-2.2.16.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libx11 | < 1.6.0-2.2.16.amzn1 | libX11-1.6.0-2.2.16.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | libx11-debuginfo | < 1.6.0-2.2.16.amzn1 | libX11-debuginfo-1.6.0-2.2.16.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | libx11-debuginfo | < 1.6.0-2.2.16.amzn1 | libX11-debuginfo-1.6.0-2.2.16.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libx11-common | < 1.6.0-2.2.16.amzn1 | libX11-common-1.6.0-2.2.16.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libx11-devel | < 1.6.0-2.2.16.amzn1 | libX11-devel-1.6.0-2.2.16.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | libx11 | < 1.6.0-2.2.16.amzn1 | libX11-1.6.0-2.2.16.amzn1.x86_64.rpm |
Related
nessus
nessus
Amazon Linux 2 : libX11 (ALAS-2023-2296)
2023-10-20 00:00:00
Amazon Linux AMI : libX11 (ALAS-2023-1859)
2023-10-25 00:00:00
EulerOS 2.0 SP11 : libX11 (EulerOS-SA-2023-3277)
2024-01-16 00:00:00
amazon
amazon
slackware
slackware
[slackware-security] libX11
2023-10-03 22:25:17
mageia
mageia
Updated libX11 packages fix security vulnerabilities
2023-10-14 01:56:51
openvas
openvas
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2024-1657)
2024-05-16 00:00:00
Ubuntu: Security Advisory (USN-6407-1)
2023-10-04 00:00:00
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2024-1065)
2024-01-09 00:00:00
cloudfoundry
cloudfoundry
USN-6407-1: libx11 vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
USN-6407-2: libx11 vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
USN-6408-1: libXpm vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
almalinux
almalinux
Moderate: libX11 security update
2024-05-22 00:00:00
Moderate: libX11 security update
2024-04-30 00:00:00
osv
osv
libx11 vulnerabilities
2023-10-10 14:35:08
libx11 - security update
2023-10-05 00:00:00
Moderate: libX11 security update
2024-05-22 00:00:00
redhat
redhat
(RHSA-2024:2973) Moderate: libX11 security update
2024-05-22 06:35:14
(RHSA-2024:2145) Moderate: libX11 security update
2024-04-30 06:14:52
ubuntu
ubuntu
libx11 vulnerabilities
2023-10-10 00:00:00
libx11 vulnerabilities
2023-10-03 00:00:00
libXpm vulnerabilities
2023-10-03 00:00:00
debian
debian
[SECURITY] [DLA 3602-1] libx11 security update
2023-10-05 10:39:13
[SECURITY] [DSA 5517-1] libx11 security update
2023-10-05 18:18:00
[SECURITY] [DLA 3603-1] libxpm security update
2023-10-05 11:09:57
redos
redos
ROS-20231018-04
2023-10-18 00:00:00
oraclelinux
oraclelinux
libX11 security update
2024-05-23 00:00:00
libX11 security update
2024-05-02 00:00:00
freebsd
freebsd
11/libX11 multiple vulnerabilities
2023-09-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0112
2023-10-11 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0486
2023-10-11 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0668
2023-10-12 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: libX11-1.8.7-1.fc39
2023-10-07 03:24:34
redhatcve
redhatcve
CVE-2023-43785
2023-10-05 07:25:04
CVE-2023-43787
2023-10-05 07:55:11
prion
prion
Out-of-bounds
2023-10-10 13:15:00
Integer overflow
2023-10-10 13:15:00
veracode
veracode
Integer Overflow
2023-10-12 07:01:18
Out-of-bounds Read
2023-10-12 09:36:29
ubuntucve
ubuntucve
CVE-2023-43787
2023-10-03 00:00:00
CVE-2023-43785
2023-10-03 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-43785 affecting package libX11 for versions less than 1.8.7-1
2023-11-08 02:07:28
CVE-2023-43787 affecting package libX11 for versions less than 1.8.7-1
2023-11-08 02:07:28
nvd
nvd
CVE-2023-43785
2023-10-10 13:15:21
CVE-2023-43787
2023-10-10 13:15:22
cve
cve
CVE-2023-43785
2023-10-10 13:15:21
CVE-2023-43787
2023-10-10 13:15:22
debiancve
debiancve
CVE-2023-43785
2023-10-10 13:15:21
CVE-2023-43787
2023-10-10 13:15:22
vulnrichment
vulnrichment
CVE-2023-43785 Libx11: out-of-bounds memory access in _xkbreadkeysyms()
2023-10-10 12:26:02
alpinelinux
alpinelinux
CVE-2023-43785
2023-10-10 13:15:21
CVE-2023-43787
2023-10-10 13:15:22
cvelist
cvelist
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for ALAS-2023-1859