QwikSec

Security Database

CVE

CWE

Training

CVE-2023-1393

Published: Mar 30, 2023

Modified: Jan 22, 2026

PUBLISHED

Description

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Vendor	Product	Versions
n/a	xorg-server	affected `xorg-server 21.1.8`

Weaknesses (CWE)

References

https://www.openwall.com/lists/oss-security/2023/03/29/1

FEDORA-2023-eb3c27ff25

vendor-advisory

FEDORA-2023-b7835960ac

vendor-advisory

FEDORA-2023-b87fd3a628

vendor-advisory

FEDORA-2023-f754e7abfd

vendor-advisory

FEDORA-2023-66d5af0278

vendor-advisory

FEDORA-2023-239bae4b57

vendor-advisory

FEDORA-2023-fe18ae3e85

vendor-advisory

FEDORA-2023-6f3f9ee721

vendor-advisory

vendor-advisory

https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.