⚠ Exploited in the wild

Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2023-1393

CWE-416 — Use After Free CWE-139313 documents12 sources

Severity

7.8HIGH

EPSS

0.1%

top 76.35%

CISA KEV

Not in KEV

Exploit

Exploited in wild

Active exploitation observed

Affected products

X.org X Server Fedoraproject Fedora

Timeline

PublishedMar 30

Latest updateJan 15

Description

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDx.org/x_server< 21.1.8

▶Debianxorg-server< 2:1.20.11-1+deb11u6+3

▶CVEListV5xorg-serverxorg-server 21.1.8

▶Debianxwayland< 2:22.1.9-1+2

Also affects: Fedora 36, 37, 38

Patches

Patch: gitlab.freedesktop.org ↗Patch: gitlab.freedesktop.org ↗

🔴Vulnerability Details

GHSA

Liferay Portal Uses Default Password↗2025-09-15

▶

GHSA

GHSA-gvfw-3vr2-x46g: A flaw was found in X↗2023-03-30

▶

OSV

CVE-2023-1393: A flaw was found in X↗2023-03-30

▶

CVEList

CVE-2023-1393: A flaw was found in X↗2023-03-30

▶

📋Vendor Advisories

Oracle

Oracle Oracle JD Edwards Risk Matrix: E1 Dev Platform Tech - Cloud (X.Org Server) — CVE-2023-1393↗2026-01-15

▶

CISA

Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability↗2024-07-29

▶

Ubuntu

X.Org X Server vulnerability↗2023-03-29

▶

Red Hat

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability↗2023-03-29

▶

BSD

OpenBSD 7.1 Errata 028: SECURITY FIX↗2023-03-29

▶