CVE-2023-43788

Summary

A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.

Affected Software

VendorProductVersion RangeStatus
0 < 3.5.17affected
Red HatRed Hat Enterprise Linux 80:3.5.12-11.el8 < *unaffected
Red HatRed Hat Enterprise Linux 80:2.3.4-20.el8 < *unaffected
Red HatRed Hat Enterprise Linux 90:3.5.13-10.el9 < *unaffected
Red HatRed Hat Enterprise Linux 90:2.3.4-28.el9 < *unaffected

Weaknesses

  • CWE-125: Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References