1017 matches found
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...
CVE-2026-55655
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...
EUVD-2026-38413
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...
CVE-2026-55655
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...
CVE-2026-55655
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...
Astra Linux – Vulnerability in xorg-server
A vulnerability classified as critical was discovered in X.org Server. The vulnerability affects the GetCountedString function in the xkb/xkb.c file. This vulnerability can lead to a buffer overflow. It is recommended that you apply a patch to address this issue. The identifier associated with th...
Astra Linux – Vulnerability in xwayland, xorg-server
A use-after-free flaw was discovered in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client releases the root cursor, the internal references point to freed memory, resulting in a use-after-free...
Astra Linux – Vulnerability in libx11, libxpm
A vulnerability was discovered in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can result in dangling pointers, leading to a use-after-free condition. This can cause memory corruption or a system crash, potentiall...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux – Vulnerability in Firefox and Thunderbird
When using X11, text selected by the page using the Selection API is erroneously copied into the primary selection, a temporary storage similar to the clipboard. This bug only affects Firefox on X11. Other systems are unaffected. This vulnerability affects Firefox versions earlier than 120, Firef...
Astra Linux – Vulnerability in GIMP
GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...
xorg-x11-server-Xwayland security, bug fix, and enhancement update
An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under Wayland...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...
Important: xorg-x11-server security, bug fix, and enhancement update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...
[SECURITY] Fedora 43 Update: xorg-x11-server-21.1.23-1.fc43
X.Org X11 X server...
Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels
...