First published: Wed Dec 06 2023(Updated: )
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/xorg-server | <21.1.10 | 21.1.10 |
redhat/xwayland | <23.2.3 | 23.2.3 |
Redhat Enterprise Linux Eus | =9.2 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
Debian Debian Linux | =12.0 | |
All of | ||
X.Org X Server | <21.1.10 | |
Any of | ||
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
All of | ||
X.org Xwayland | <23.2.3 | |
Any of | ||
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
All of | ||
Tigervnc Tigervnc | ||
Any of | ||
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
debian/xorg-server | 2:1.20.11-1+deb11u13 2:1.20.11-1+deb11u14 2:21.1.7-3+deb12u8 2:21.1.14-2 2:21.1.15-2 | |
debian/xwayland | <=2:22.1.9-1 | 2:24.1.4-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.