cbcvebase.
CVE-2023-5380
published 2023-10-25

CVE-2023-5380: A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with…

medium4.7CVSS 3.1
AVLACHPRLUINSUCNINAH
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.

Affected

22 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debiandebian_linux
debianxorg-server< xorg-server 2:21.1.7-3+deb12u2 (bookworm)xorg-server 2:21.1.7-3+deb12u2 (bookworm)
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
msrccbl2_xorg-x11-server_1.20.10-10_on_cbl_mariner_2.0
redhatenterprise_linux
redhatenterprise_linux
redhatenterprise_linux
x.orgx_server< 21.1.921.1.9
x.orgxorg-server>= 0 < 2:1.20.11-1+deb11u82:1.20.11-1+deb11u8
x.orgxorg-server>= 0 < 2:21.1.7-3+deb12u22:21.1.7-3+deb12u2
x.orgxorg-server>= 0 < 2:21.1.9-12:21.1.9-1
x.orgxorg-server>= 0 < 2:21.1.9-12:21.1.9-1
x.orgxorg-server>= 0 < 2:1.20.13-1ubuntu1~20.04.92:1.20.13-1ubuntu1~20.04.9
x.orgxorg-server>= 0 < 2:21.1.4-2ubuntu1.7~22.04.22:21.1.4-2ubuntu1.7~22.04.2
x.orgxorg-server>= 0 < 2:1.15.1-0ubuntu2.11+esm82:1.15.1-0ubuntu2.11+esm8
x.orgxorg-server>= 0 < 2:1.18.4-0ubuntu0.12+esm62:1.18.4-0ubuntu0.12+esm6
x.orgxorg-server>= 0 < 2:1.19.6-1ubuntu4.15+esm12:1.19.6-1ubuntu4.15+esm1
x.orgxwayland< 23.2.223.2.2
x.orgxwayland>= 0 < 2:22.1.1-1ubuntu0.72:22.1.1-1ubuntu0.7

CVSS provenance

nvdv3.14.7MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
osv7.8HIGH