CVE-2023-1393

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-1393

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1393.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-1393

Downstream

AZL-25859

AZL-35358

AZL-44478

BELL-CVE-2023-1393

DEBIAN-CVE-2023-1393

DLA-3372-1

DSA-5380-1

MGASA-2023-0131

OESA-2023-1239

RHSA-2023:1548

RHSA-2023:1549

RHSA-2023:1551

RHSA-2023:1592

RHSA-2023:1594

RHSA-2023:1598

RHSA-2023:1599

RHSA-2023:1600

RHSA-2023:6340

RHSA-2023:6341

RHSA-2023:6916

RHSA-2023:6917

RHSA-2025:12751

RLSA-2023:1592

SUSE-SU-2023:1674-1

SUSE-SU-2023:1675-1

SUSE-SU-2023:1677-1

SUSE-SU-2023:1678-1

SUSE-SU-2023:1679-1

SUSE-SU-2023:1680-1

SUSE-SU-2023:1716-1

UBUNTU-CVE-2023-1393

USN-5986-1

openSUSE-SU-2024:12827-1

openSUSE-SU-2024:12834-1

Related

Published

2023-03-30T00:00:00Z

Modified

2026-05-15T11:54:08.177826462Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Database specific

{
    "cwe_ids": [
        "CWE-416"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1393.json",
    "cna_assigner": "redhat"
}

References

Affected packages