A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Mon, 16 Sep 2024 16:30:00 +0000
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-18T04:31:07.908Z
Updated: 2024-11-23T02:52:08.911Z
Reserved: 2023-12-14T04:34:38.017Z
Link: CVE-2023-6816
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-18T05:15:08.607
Modified: 2024-11-21T08:44:37.033
Link: CVE-2023-6816
Redhat