Latest x.org xorg-server Vulnerabilities

CVE-2024-0409
Xorg-x11-server: selinux context corruption
redhat/xorg-server<21.1.11
redhat/xwayland<23.2.4
Tigervnc Tigervnc<1.13.1
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
and 23 more
CVE-2023-6816
Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Workstation=7.0
and 18 more
CVE-2024-0408
Xorg-x11-server: selinux unlabeled glx pbuffer
redhat/xorg-server<21.1.11
redhat/xwayland<23.2.4
Tigervnc Tigervnc<1.13.1
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
and 26 more
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would lea...
X.org Xorg-server<21.1.8
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
CVE-2022-4283
CVE-2022-4283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free The XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent Xkb...
X.org Xorg-server=1.20.4
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 4 more
CVE-2022-2320
X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
CVE-2022-2319
X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
CVE-2020-14362
X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
CVE-2020-14361
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
CVE-2020-14347
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could re...
debian/xorg-server<=2:1.20.8-2<=2:1.20.4-1
X.org Xorg-server<1.20.9
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 16 more
CVE-2020-14346
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
CVE-2018-14665
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in ...
X.org Xorg-server<1.20.3
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.6
Redhat Enterprise Linux Server Tus=7.6
and 10 more
CVE-2017-2624
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xor...
X.org Xorg-server<=1.19.4
Debian Debian Linux=7.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203