Xorg-Server XKB Button Actions Memory Vulnerability

Xorg-Server XKB Button Actions Memory Vulnerability

CVE-2023-6377 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

Learn more about our Cis Benchmark Audit For Server Software.