VDB
ALSA-2024%3A2146
ALSA-2024%3A2146
PUBLISHED
X.Org X11 libXpm runtime library. Security Fix(es): * libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) * libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AlmaLinux:9 | libXpm | 0, 0 |
| AlmaLinux:9 | libXpm-devel | 0, 0 |
Timeline
- Apr 30, 2024 CVE Published
- May 7, 2024 CVE Updated
- Mar 6, 2026 Distribution Patch
- Mar 6, 2026 Distribution Patch
- Mar 6, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2024:2146 vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-43788 third-party-advisory
- https://access.redhat.com/security/cve/CVE-2023-43789 third-party-advisory
- https://bugzilla.redhat.com/2242248 third-party-advisory
- https://bugzilla.redhat.com/2242249 third-party-advisory
- https://errata.almalinux.org/9/ALSA-2024-2146.html vendor-advisory