Question 1

What is CVE-2023-6377 — CVE-2023-6377?

Accepted Answer

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

Question 2

What is the authoritative source for CVE-2023-6377?

Accepted Answer

CVE-2023-6377 (CVE-2023-6377) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.8 ()
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Last modified	2026-06-23

CVE-2023-6377CVE-2023-6377

Description

Scoring