VDB
ALPINE-CVE-2023-43786
ALPINE-CVE-2023-43786
PUBLISHED
CVSS 5.5 MEDIUM
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.17 | libx11 | 1.8.4-r1, 0, 1.1.99.2-r1 |
| Alpine:v3.23 | libx11 | 1.8.2-r1, 1.3.4-r0, 0 |
| Alpine:v3.22 | libx11 | 1.8.4-r4, 1.8.2-r1, 1.8.2-r2 |
| Alpine:v3.20 | libx11 | 1.1.99.2-r1, 0, 1.1.99.2-r0 |
| Alpine:v3.18 | libx11 | 1.3.3-r0, 1.4.3-r0, 1.4.1-r0 |
| Alpine:v3.21 | libx11 | 1.4.1-r0, 1.4.3-r0, 1.4.3-r1 |
| Alpine:v3.19 | libx11 | 1.7.1-r0, 1.7.0-r0, 1.6.9-r0 |
| Alpine:v3.16 | libx11 | 1.4.3-r3, 0, 1.1.99.2-r0 |
Exploit Intelligence
- jfrog/jfrog-CVE-2023-43786-libX11_DoS (github-poc)
- errata73.html (github-poc)
Timeline
- Oct 10, 2023 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch