Latest x.org xorg-server Vulnerabilities

Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 18 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would lea...
X.org Xorg-server<21.1.8
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
CVE-2022-4283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free The XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent Xkb...
X.org Xorg-server=1.20.4
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 4 more
X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could re...
debian/xorg-server<=2:1.20.8-2<=2:1.20.4-1
X.org Xorg-server<1.20.9
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 16 more
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in ...
X.org Xorg-server<1.20.3
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.6
Redhat Enterprise Linux Server Tus=7.6
and 10 more
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xor...
X.org Xorg-server<=1.19.4
Debian Debian Linux=7.0

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203