Latest X.org Vulnerabilities

Xorg-x11-server: heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Workstation=7.0
and 18 more
Xorg-x11-server: SELinux context corruption
redhat/xorg-server<21.1.11
redhat/xwayland<23.2.4
Tigervnc Tigervnc<1.13.1
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
and 25 more
Xorg-x11-server: SELinux unlabeled GLX PBuffer
redhat/xorg-server<21.1.11
redhat/xwayland<23.2.4
Tigervnc Tigervnc<1.13.1
X.org Xorg-server<21.1.11
X.org Xwayland<23.2.4
Fedoraproject Fedora=39
and 26 more
Xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
redhat/xorg-server<21.1.10
redhat/xwayland<23.2.3
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.10
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.12
and 26 more
Xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
redhat/xorg-server<21.1.10
redhat/xwayland<23.2.3
Redhat Enterprise Linux Eus=9.2
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 27 more
Xorg-x11-server: use-after-free bug in DamageDestroy
redhat/xorg-server<21.1.9
X.Org X Server>=1.13.0
Redhat Enterprise Linux=7.0
Xorg-x11-server: use-after-free bug in DestroyWindow
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.9
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.2
and 14 more
Xorg-x11-server: out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
debian/xorg-server<=2:1.20.4-1+deb10u4<=2:1.20.11-1+deb11u6
debian/xwayland<=2:22.1.9-1
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
and 27 more
Libx11: stack exhaustion from infinite recursion in PutSubImage()
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
debian/libx11<=2:1.6.7-1+deb10u2
redhat/libX11<1.8.7
and 18 more
Libx11: out-of-bounds memory access in _XkbReadKeySyms()
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
redhat/libX11<1.8.7
debian/libx11<=2:1.6.7-1+deb10u2
and 12 more
Libxpm: out of bounds read in XpmCreateXpmImageFromBuffer()
X.org Libxpm<3.5.17
Fedoraproject Fedora=38
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/libXpm<3.5.17
debian/libxpm<=1:3.5.12-1
and 11 more
Libx11: integer overflow in XCreateImage() leading to a heap overflow
X.Org libX11<1.8.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=38
debian/libx11<=2:1.6.7-1+deb10u2
redhat/libX11<1.8.7
and 18 more
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the...
X.Org libX11<1.8.6
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/libX11<1.8.6
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would lea...
X.org Xorg-server<21.1.8
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write i...
redhat/xorg-server<21.1.7
X.Org X Server<21.1.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 30 more
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find thes...
redhat/libXpm<3.5.15
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.10.1
ubuntu/libxpm<3.5.15
and 5 more
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of S...
X.org Libxpm<3.5.15
redhat/libXpm<3.5.15
debian/libxpm<=1:3.5.12-1
ubuntu/libxpm<1:3.5.11-1ubuntu0.16.04.1+
ubuntu/libxpm<3.5.15
ubuntu/libxpm<1:3.5.12-1ubuntu1
and 4 more
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Se...
redhat/libXpm<3.5.15
ubuntu/libxpm<1:3.5.11-1ubuntu0.16.04.1+
ubuntu/libxpm<1:3.5.10-1ubuntu0.1+
ubuntu/libxpm<1:3.5.12-1ubuntu0.18.04.2
ubuntu/libxpm<1:3.5.12-1ubuntu0.20.04.1
ubuntu/libxpm<1:3.5.12-1ubuntu0.22.04.1
and 6 more
CVE-2022-4283/ZDI-CAN-19530: X.Org Server XkbGetKbdByName use-after-free The XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent Xkb...
X.org Xorg-server=1.20.4
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 4 more
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has length-validation issues, resulting in out-of-bounds memory reads and potential...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 9 more
CVE-2022-46343/ZDI-CAN-19404: X.Org Server ScreenSaverSetAttributes use-after-free The handler for the ScreenSaverSetAttributes request may write to memory after it has been freed.
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46342/ZDI-CAN-19400: X.Org Server XvdiSelectVideoNotify use-after-free The handler for the XvdiSelectVideoNotify request may write to memory after it has been freed.
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46341/ZDI-CAN-19381: X.Org Server XIPassiveUngrab out-of-bounds access The handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button co...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow The swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths...
X.Org X Server=1.20.4
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=36
and 4 more
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory...
debian/xorg-server<=2:1.20.4-1+deb10u4
debian/xwayland
X.Org X Server<21.1.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
and 2 more
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It ...
debian/xorg-server<=2:1.20.4-1+deb10u4
debian/xwayland
X.Org X Server<21.1.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
and 2 more
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to...
X.Org X Server
X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org Server
X.org Xorg-server=21.1.0
X.Org Server SProcXFixesCreatePointerBarrier Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
X.Org Server SwapCreateRegister Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
and 23 more
X.Org Server SProcScreenSaverSuspend Out-Of-Bounds Access Local Privilege Escalation Vulnerability
X.Org X Server<1.20.14
X.Org X Server=21.1.0
X.Org X Server=21.1.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=10.0
and 18 more
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains ...
redhat/redhat-virtualization-host<0:4.3.18-20210903.0.el7_9
debian/libx11<=2:1.7.0-2<=2:1.6.7-1<=2:1.6.7-1+deb10u1
X.Org libX11<1.7.1
X.org X Window System<=x11r7.7
Fedoraproject Fedora=33
debian/libx11
X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability
X.Org Server
debian/xorg-server
X.Org X Server<1.20.11
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 4 more
While X11 servers authenticate their clients, X11 clients *do not* authenticate the server. This can be exploited to take control of an X application by impersonating the server it is expecting to co...
X.Org X Server
X.Org xserver is vulnerable to a heap-based buffer overflow, caused by insufficient checks on input of the XkbSetDeviceInfo request. By sending a specially-crafted request, a remote attacker could ove...
redhat/xorg-x11-server<1.20.10
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.10
Redhat Enterprise Linux=8.0
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, re...
X.Org libX11<1.6.12
Fedoraproject Fedora=33
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
redhat/libX11<1.6.12
and 5 more
X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org xserver could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficient checks on the lengths of the XkbSetMap request. By sending a specially-craft...
redhat/xorg-x11-server<1.20.10
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.10
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could re...
debian/xorg-server<=2:1.20.8-2<=2:1.20.4-1
X.org Xorg-server<1.20.9
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 16 more
An integer overflow leading to a heap-buffer overflow was found in the X Input Method (XIM) client implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setui...
X.Org libX11<1.6.10
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
and 15 more
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
X.org Xorg-server<1.20.9
Canonical Ubuntu Linux=14.04
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
and 14 more
X.Org Server XkbSetNames Out-Of-Bounds Access Privilege Escalation Vulnerability
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
X.Org X Server<1.20.9
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
and 11 more
In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application c...
X.Org X Server<=1.20.4
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for the -modulepath and -logfile options when starting the Xorg X server allows unprivileged users with the ability to log in ...
X.org Xorg-server<1.20.3
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.6
Redhat Enterprise Linux Server Tus=7.6
and 10 more
An issue was discovered in libX11 through 1.6.5. Functions GetFPath.c:XGetFontPath, ListExt.c:XListExtensions and FontNames.c:XListFonts are vulnerable to an off-by-one error when parsing list of stri...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 10 more
An issue was discovered in libX11 through 1.6.5. Functions ListExt.c:XListExtensions and GetFPath.c:XGetFontPath interpret a variable as signed instead of unsigned, resulting in an out-of-bounds write...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 6 more
An issue was discovered in ListExt.c:XListExtensions and GetFPath.c:XGetFontPath in libX11 through version 1.6.5. A malicious server can send a reply in which the first string overflows, causing a var...
X.Org libX11<=1.6.5
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=8.0
and 7 more
