INFSA-2024:2146: libXpm security update
Information about definition
Identificator: INFSA-2024:2146
Type: security
Release date: 2024-12-27 09:36:41 UTC
Information about package
X.Org X11 libXpm runtime library.
Vulnerabilities description
- CVE-2023-43788
A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.
- CVE-2023-43789
A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-43788
|
no information | 5.5 | no information |
|
NIST — CVE-2023-43789
|
no information | 5.5 | no information |
Updated packages