CVE-2023-5380

Summary

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 70:1.8.0-26.el7_9 < *unaffected
Red HatRed Hat Enterprise Linux 80:1.20.11-22.el8 < *unaffected
Red HatRed Hat Enterprise Linux 80:1.13.1-8.el8 < *unaffected
Red HatRed Hat Enterprise Linux 90:1.20.11-24.el9 < *unaffected
Red HatRed Hat Enterprise Linux 90:1.13.1-8.el9 < *unaffected

Weaknesses

  • CWE-416: Use After Free

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References