Latest X.org Vulnerabilities

Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 18 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.12
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.5
ubuntu/xorg-server<2:21.1.7-1ubuntu3.4
ubuntu/xorg-server<2:21.1.7-3ubuntu2.4
ubuntu/xorg-server<2:21.1.10-1ubuntu1
and 28 more
Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.12
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.5
ubuntu/xorg-server<2:21.1.7-1ubuntu3.4
ubuntu/xorg-server<2:21.1.7-3ubuntu2.4
ubuntu/xorg-server<2:21.1.10-1ubuntu1
and 27 more
Xorg-x11-server: use-after-free bug in damagedestroy
redhat/xorg-server<21.1.9
X.Org X Server>=1.13.0
Redhat Enterprise Linux=7.0
Xorg-x11-server: use-after-free bug in destroywindow
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.9
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.2
and 14 more
Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
debian/xorg-server<=2:1.20.4-1+deb10u4<=2:1.20.11-1+deb11u6
debian/xwayland<=2:22.1.9-1
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
and 31 more
Libx11: stack exhaustion from infinite recursion in putsubimage()
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
ubuntu/libx11<2:1.6.4-3ubuntu0.4+
ubuntu/libx11<2:1.6.9-2ubuntu1.6
and 18 more
Libx11: out-of-bounds memory access in _xkbreadkeysyms()
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
ubuntu/libx11<2:1.6.4-3ubuntu0.4+
ubuntu/libx11<2:1.6.9-2ubuntu1.6
and 8 more
Libxpm: out of bounds read in xpmcreatexpmimagefrombuffer()
X.org Libxpm<3.5.17
Fedoraproject Fedora=38
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2+
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.2
and 11 more
Libx11: integer overflow in xcreateimage() leading to a heap overflow
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
ubuntu/libx11<2:1.6.4-3ubuntu0.4+
ubuntu/libx11<2:1.6.9-2ubuntu1.6
and 18 more
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the...
X.Org libX11<1.8.6
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/libX11<1.8.6
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would lea...
X.org Xorg-server<21.1.8
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write i...
redhat/xorg-server<21.1.7
X.Org X Server<21.1.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 30 more
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find thes...
X.org Libxpm<3.5.15
redhat/libXpm<3.5.15
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.10.1
and 4 more
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of S...
X.org Libxpm<3.5.15
redhat/libXpm<3.5.15
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.10.1
and 4 more
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Se...
X.org Libxpm<3.5.15
redhat/libXpm<3.5.15
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.10.1
and 5 more
CVE-2022-4283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free The XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent Xkb...
X.org Xorg-server=1.20.4
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 4 more
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 9 more
CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes use-after-free The handler for the ScreenSaverSetAttributes request may write to memory after it has been freed.
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify use-after-free The handler for the XvdiSelectVideoNotify request may write to memory after it has been freed.
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab out-of-bounds access The handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button co...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow The swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It ...
debian/xorg-server<=2:1.20.4-1+deb10u4
debian/xwayland
X.Org X Server<21.1.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
and 2 more
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory...
debian/xorg-server<=2:1.20.4-1+deb10u4
debian/xwayland
X.Org X Server<21.1.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
and 2 more
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to...
X.Org X Server
X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server SProcXFixesCreatePointerBarrier Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
X.Org Server SProcScreenSaverSuspend Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=10.0
and 18 more
X.Org Server SwapCreateRegister Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains ...
redhat/redhat-virtualization-host<0:4.3.18-20210903.0.el7_9
debian/libx11<=2:1.7.0-2<=2:1.6.7-1<=2:1.6.7-1+deb10u1
X.Org libX11<1.7.1
X.org X Window System<=x11r7.7
Fedoraproject Fedora=33
debian/libx11
X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability
X.Org Server
debian/xorg-server
X.Org X Server<1.20.11
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 4 more
While X11 servers authenticate their clients, X11 clients *do not* authenticate the server. This can be exploited to take control of an X application by impersonating the server it is expecting to co...
X.Org X Server
X.Org xserver is vulnerable to a heap-based buffer overflow, caused by insufficient checks on input of the XkbSetDeviceInfo request. By sending a specially-crafted request, a remote attacker could ove...
redhat/xorg-x11-server<1.20.10
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.10
Redhat Enterprise Linux=8.0
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, re...
X.Org libX11<1.6.12
Fedoraproject Fedora=33
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
redhat/libX11<1.6.12
and 5 more
X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org xserver could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficient checks on the lengths of the XkbSetMap request. By sending a specially-craft...
redhat/xorg-x11-server<1.20.10
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.10
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could re...
debian/xorg-server<=2:1.20.8-2<=2:1.20.4-1
X.org Xorg-server<1.20.9
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 16 more
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setui...
X.Org libX11<1.6.10
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
and 15 more
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org Server XkbSetNames Out-Of-Bounds Access Privilege Escalation Vulnerability
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.9
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 11 more
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application c...
X.Org X Server<=1.20.4
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in ...
X.org Xorg-server<1.20.3
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.6
Redhat Enterprise Linux Server Tus=7.6
and 10 more
An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a var...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 7 more
An issue was discovered in libX11 through 1.6.5. Functions GetFPath.c:XGetFontPath, ListExt.c:XListExtensions and FontNames.c:XListFonts are vulnerable to an off-by-one error when parsing list of stri...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 10 more
An issue was discovered in libX11 through 1.6.5. Functions ListExt.c:XListExtensions and GetFPath.c:XGetFontPath interpret a variable as signed instead of unsigned, resulting in an out-of-bounds write...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 6 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203