ROSA LABROSA-SA-2024-2412Advisory ROSA-SA-2024-2412
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.5 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
software: libxpm 3.5.17
OS: ROSA-CHROME
package_evr_string: libxpm-3.5.17-1
CVE-ID: CVE-2023-43788
BDU-ID: 2023-06887
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the XpmCreateXpmImageFromBuffer() function of the X Pixmap Image File (XPM) libXpm library is related to reading data beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update libxpm
CVE-ID: CVE-2023-43789
BDU-ID: 2023-06927
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the libXpm image file manipulation library is related to the invocation of an out-of-bounds memory read error. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update libxpm
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.5 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%