Unrated severityNVD Advisory· Published Dec 13, 2023· Updated Mar 24, 2026

Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions

CVE-2023-6377

Description

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

Affected products

Red Hat/Enterprise Linuxcpe-rescue4 versions
cpe:/a:redhat:enterprise_linux:8::appstream+ 3 more
- cpe:/a:redhat:enterprise_linux:8::appstreamrange: 0:21.1.3-15.el8
- cpe:/a:redhat:enterprise_linux:9::appstreamrange: 0:22.1.9-5.el9
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7::computenoderange: 0:1.20.4-25.el7_9
Red Hat/Enterprise Linux Update Services For Sap Solutionscpe-rescue2 versions
cpe:/a:redhat:rhel_e4s:8.2::appstream+ 1 more
- cpe:/a:redhat:rhel_e4s:8.2::appstreamrange: 0:1.9.0-15.el8_2.6
- cpe:/a:redhat:rhel_tus:8.4::appstreamrange: 0:1.11.0-8.el8_4.5
Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.6::appstream
Range: 0:1.12.0-6.el8_6.6
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.8::appstream
Range: 0:1.12.0-15.el8_8.4
Red Hat/Red Hat Enterprise Linux 9.0 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.0::appstream
Range: 0:1.11.0-22.el9_0.5
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.2::appstream
Range: 0:1.12.0-14.el9_2.2
Red Hat/Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSIONv5
cpe:/o:redhat:rhel_els:6
Range: 0:1.1.0-25.el6_10.14
osv-coords41 versions
pkg:rpm/almalinux/tigervnc pkg:rpm/almalinux/tigervnc-icons pkg:rpm/almalinux/tigervnc-license pkg:rpm/almalinux/tigervnc-selinux pkg:rpm/almalinux/tigervnc-server pkg:rpm/almalinux/tigervnc-server-minimal pkg:rpm/almalinux/tigervnc-server-module pkg:rpm/almalinux/xorg-x11-server-common pkg:rpm/almalinux/xorg-x11-server-devel pkg:rpm/almalinux/xorg-x11-server-source pkg:rpm/almalinux/xorg-x11-server-Xdmx pkg:rpm/almalinux/xorg-x11-server-Xephyr pkg:rpm/almalinux/xorg-x11-server-Xnest pkg:rpm/almalinux/xorg-x11-server-Xorg pkg:rpm/almalinux/xorg-x11-server-Xvfb pkg:rpm/almalinux/xorg-x11-server-Xwayland pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/xwayland&distro=openSUSE%20Tumbleweed pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4 pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5
< 1.13.1-3.el9_3.3.alma.1+ 40 more
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.3.alma.1
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 22.1.9-5.el9
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 21.1.4-150500.7.10.1
- (no CPE)range: < 21.1.9-2.1
- (no CPE)range: < 21.1.4-150400.3.23.1
- (no CPE)range: < 22.1.5-150500.7.8.1
- (no CPE)range: < 23.2.2-3.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150400.38.32.1
- (no CPE)range: < 21.1.4-150500.7.10.1
- (no CPE)range: < 1.20.3-150400.38.32.1
- (no CPE)range: < 21.1.4-150500.7.10.1
- (no CPE)range: < 1.19.6-10.59.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.19.6-10.59.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.19.6-10.59.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 1.20.3-150200.22.5.82.1
- (no CPE)range: < 21.1.4-150400.3.23.1
- (no CPE)range: < 22.1.5-150500.7.8.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2023:7886mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0006mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0009mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0010mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0014mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0015mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0016mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0017mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0018mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0020mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2169mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2170mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2995mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2996mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2025:13998mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-6377mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afdmitre
lists.x.org/archives/xorg-announce/2023-December/003435.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000