CVE-2023-5380

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Oct 25, 2023
Updated: Jan 31, 2024
CWE ID 416

Summary

CVE-2023-5380 is a use-after-free vulnerability in xorg-x11-server. It can crash the X server in a specific configuration known as Zaphod mode, a multi-screen setup that uses multiple protocol screens. The flaw is triggered when the pointer is warped from within a window on one screen to the root window of another screen, the original window is then destroyed, and another window is destroyed after it. NVD rates it with a base severity of MEDIUM and a base score of 4.7. The impact is an X server crash, which disrupts user sessions and results in denial of service for affected organizations. To remediate the vulnerability, users are advised to update xorg-x11-server to the latest version available.
