xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

X11 Mesa 3D Graphics Library 安全漏洞

X11 Mesa 3D Graphics Library is a 3D graphics library. A security vulnerability exists in X11 Mesa 3D Graphics Library version 23.0.4, which stems from glxpbuffer.c was found to contain a segmentation conflict vulnerability in a call to glXGetDrawableAttribute...

AZL-35404 CVE-2024-21886 affecting package xorg-x11-server for versions less than 1.20.10-12

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...

X.Org X Server, XWayland: Multiple Vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description Multiple vulnerabilities have been discovered in X.Org X Server and XWayland. Please review the CVE identifiers referenced below for details. Impact The X server can be crashed by a maliciou...

xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...

xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

AZL-33352 CVE-2024-0408 affecting package xorg-x11-server for versions less than 1.20.10-14

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...

ImageMagick security update

CentOS Errata and Security Advisory CESA-2023:5461 An update for ImageMagick is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

SUSE CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...

UBUNTU-CVE-2024-21886

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

Moderate: Red Hat Security Advisory: pixman security update

An update for pixman is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: pixman security update

Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

ALSA-2024:0131 Moderate: pixman security update

Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty

A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information...

xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved...

xorg-server buffer error vulnerability

xorg-x11-server is an X Window System display server from the X.org Foundation. A security vulnerability exists in xorg-server versions prior to 21.1.10, xwayland versions prior to 23.2.3, which stems from a memory read/write overrun that may be caused by querying or changing an XKB button...

Moderate: Red Hat Security Advisory: pixman security update

An update for pixman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...