RHEL 9 : tigervnc (RHSA-2026:21741)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21741 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

Astra Linux - уязвимость в xorg-server

A flaw was discovered in the X.Org Server Overlay Window. A use-after-free could lead to local privilege escalation. If a client explicitly destroys the compositor overlay window also known as COW, the Xserver will retain a dangling pointer to that window in the CompScreen structure, which will...

X.Org Server present_create_notifies Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...

CVE-2023-6816 Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...

USN-6587-1 xorg-server, xwayland vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. CVE-2023-6816 Jan-Nikl...

UBUNTU-CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

A vulnerability was found in X.Org Server. This flaw occurs if a client explicitly destroys the compositor overlay window aka COW, where Xserver leaves a dangling pointer to that window in the CompScreen structure, which will later trigger a use-after-free issue. The Overlay Window use-after-free...

USN-6453-1 xorg-server, xwayland vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. CVE-2023-5367 Sri discovered that the X.Org X Server incorrectl...

DEBIAN-CVE-2022-46343

A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution f...

MGASA-2018-0421 Updated x11-server packages fix security vulnerability

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root...

xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests

Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...