CVE-2023-6816: Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
First published: Wed Jan 10 2024(Updated: )
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/xorg-server | <21.1.11 | 21.1.11 |
| redhat/xwayland | <23.2.4 | 23.2.4 |
| debian/xorg-server | 2:1.20.11-1+deb11u13 2:1.20.11-1+deb11u15 2:21.1.7-3+deb12u9 2:21.1.16-1 | |
| debian/xwayland | <=2:22.1.9-1 | 2:24.1.6-1 |
| X.Org Xserver | <21.1.11 | |
| Red Hat Xorg-x11-server-xwayland | <23.2.4 | |
| Red Hat Fedora | =39 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Debian Linux | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2258927
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2258926
- https://access.redhat.com/errata/RHSA-2024:0320
- https://access.redhat.com/errata/RHSA-2024:0557
- https://access.redhat.com/errata/RHSA-2024:0558
- https://access.redhat.com/errata/RHSA-2024:0597
- https://access.redhat.com/errata/RHSA-2024:0607
- https://access.redhat.com/errata/RHSA-2024:0614
- https://access.redhat.com/errata/RHSA-2024:0621
- https://access.redhat.com/errata/RHSA-2024:0617
- https://access.redhat.com/errata/RHSA-2024:0626
- https://access.redhat.com/errata/RHSA-2024:0629
- https://access.redhat.com/errata/RHSA-2024:2170
- https://access.redhat.com/errata/RHSA-2024:2169
- https://access.redhat.com/errata/RHSA-2024:2996
- https://bugzilla.redhat.com/show_bug.cgi?id=2257691
- http://www.openwall.com/lists/oss-security/2024/01/18/1
- https://access.redhat.com/security/cve/CVE-2023-6816
- https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/
- https://security.gentoo.org/glsa/202401-30
- https://security.netapp.com/advisory/ntap-20240307-0006/
- https://launchpad.net/bugs/cve/CVE-2023-6816
- https://lists.x.org/archives/xorg/2024-January/061525.html
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3
- https://security-tracker.debian.org/tracker/CVE-2023-6816
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816
- https://nvd.nist.gov/vuln/detail/CVE-2023-6816
- https://ubuntu.com/security/CVE-2023-6816
Frequently Asked Questions
What is the severity of CVE-2023-6816?
CVE-2023-6816 has been classified with a moderate severity rating.
How do I fix CVE-2023-6816?
To fix CVE-2023-6816, upgrade to xorg-server version 21.1.11 or xwayland version 23.2.4 or later.
What software does CVE-2023-6816 affect?
CVE-2023-6816 affects xorg-server and xwayland on specific versions of Red Hat and Debian systems.
What type of vulnerability is CVE-2023-6816?
CVE-2023-6816 is a flaw that allows for arbitrary button mapping in the X.Org server.
Is there a patch available for CVE-2023-6816?
Yes, patches have been released for the affected versions of xorg-server and xwayland.
- agent/type
- agent/title
- agent/first-publish-date
- agent/author
- agent/remedy
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-6816
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- agent/tags
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- package-manager/redhat
- package-manager/debian
- vendor/x.org
- canonical/x.org xserver
- canonical/red hat xorg-x11-server-xwayland
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/39
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0
- vendor/debian
- canonical/debian linux
- version/debian linux/10.0