Unrated severityNVD Advisory· Published Jan 18, 2024· Updated Mar 19, 2026

Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer

CVE-2023-6816

Description

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

Affected products

Red Hat/Enterprise Linuxcpe-rescue6 versions
cpe:/a:redhat:enterprise_linux:8::appstream+ 5 more
- cpe:/a:redhat:enterprise_linux:8::appstreamrange: 0:21.1.3-15.el8
- cpe:/a:redhat:enterprise_linux:8::crbrange: 0:1.20.11-22.el8
- cpe:/a:redhat:enterprise_linux:9::appstreamrange: 0:22.1.9-5.el9
- cpe:/a:redhat:enterprise_linux:9::crbrange: 0:1.20.11-24.el9
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7::workstationrange: 0:1.8.0-31.el7_9
Red Hat/Enterprise Linux Update Services For Sap Solutionscpe-rescue2 versions
cpe:/a:redhat:rhel_e4s:8.2::appstream+ 1 more
- cpe:/a:redhat:rhel_e4s:8.2::appstreamrange: 0:1.9.0-15.el8_2.9
- cpe:/a:redhat:rhel_e4s:8.4::appstreamrange: 0:1.11.0-8.el8_4.8
Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.6::appstream
Range: 0:1.12.0-6.el8_6.9
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.8::appstream
Range: 0:1.12.0-15.el8_8.7
Red Hat/Red Hat Enterprise Linux 9.0 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.0::appstream
Range: 0:1.11.0-22.el9_0.8
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.2::appstream
Range: 0:1.12.0-14.el9_2.5
Red Hat/Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSIONv5
cpe:/o:redhat:rhel_els:6
Range: 0:1.1.0-25.el6_10.13
osv-coords58 versions
pkg:apk/chainguard/gtf pkg:apk/chainguard/Xnest pkg:apk/chainguard/xorg-server pkg:apk/chainguard/xorg-server-common pkg:apk/chainguard/xorg-server-dev pkg:apk/chainguard/xorg-server-doc pkg:apk/chainguard/Xvfb pkg:apk/chainguard/xvfb-run pkg:apk/wolfi/gtf pkg:apk/wolfi/Xnest pkg:apk/wolfi/xorg-server pkg:apk/wolfi/xorg-server-common pkg:apk/wolfi/xorg-server-dev pkg:apk/wolfi/xorg-server-doc pkg:apk/wolfi/Xvfb pkg:apk/wolfi/xvfb-run pkg:rpm/almalinux/tigervnc pkg:rpm/almalinux/tigervnc-icons pkg:rpm/almalinux/tigervnc-license pkg:rpm/almalinux/tigervnc-selinux pkg:rpm/almalinux/tigervnc-server pkg:rpm/almalinux/tigervnc-server-minimal pkg:rpm/almalinux/tigervnc-server-module pkg:rpm/almalinux/xorg-x11-server-common pkg:rpm/almalinux/xorg-x11-server-devel pkg:rpm/almalinux/xorg-x11-server-source pkg:rpm/almalinux/xorg-x11-server-Xdmx pkg:rpm/almalinux/xorg-x11-server-Xephyr pkg:rpm/almalinux/xorg-x11-server-Xnest pkg:rpm/almalinux/xorg-x11-server-Xorg pkg:rpm/almalinux/xorg-x11-server-Xvfb pkg:rpm/almalinux/xorg-x11-server-Xwayland pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/xwayland&distro=openSUSE%20Tumbleweed pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP4 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5
< 21.1.10-r5+ 57 more
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 21.1.10-r5
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 22.1.9-5.el9
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 21.1.11-1.1
- (no CPE)range: < 22.1.5-150500.7.14.1
- (no CPE)range: < 23.2.4-1.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 22.1.5-150500.7.14.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2024:0320mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0557mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0558mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0597mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0607mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0614mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0617mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0621mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0626mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0629mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2169mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2170mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2995mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2996mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2025:12751mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-6816mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000