CVE-2023-6816: 
NixOS vulnerability analysis and mitigation

CVE-2023-6816 affects the X.Org server, discovered in January 2024. The vulnerability exists in both DeviceFocusEvent and XIQueryPointer reply functionality, where buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server only allocated space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used (OSS Security, NVD).

The vulnerability is classified as a heap buffer overflow vulnerability with a CVSS v3.1 base score of 9.8 CRITICAL (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The issue was introduced in xorg-server-1.13.0 (2012) and affects both the X.Org server and Xwayland implementations. The vulnerability was discovered by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative (OSS Security).

Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). In environments with X11 forwarding, this could potentially lead to remote code execution (Gentoo Security, NetApp Security).

The vulnerability has been fixed in xorg-server version 21.1.11 and xwayland version 23.2.4. Users are advised to upgrade to these or later versions. As a temporary workaround, users can ensure no untrusted clients can access the running X implementation (Gentoo Security).

Multiple major Linux distributions and vendors have released security advisories and patches, including Red Hat, Debian, Fedora, and Gentoo. NetApp has also issued an advisory for their affected products (Red Hat Security, Debian Security).