Lucene search
+L

44 matches found

RedHat Linux
RedHat Linux
added 4 days ago5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS7.1AI score0.00161EPSS
Exploits0References7
OSV
OSV
added 4 days ago2 views

ALSA-2026:38488 Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow CVE-2026-55999 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...

8.5CVSS6.1AI score0.00212EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/08 9:46 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS6.9AI score0.00154EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/08 7:36 a.m.7 views

CVE-2026-56000

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent pointing into potentially reallocated memory...

9CVSS6AI score0.00192EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 7:29 a.m.2 views

SUSE-SU-2026:2789-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues - CVE-2026-55999: glamor Font Atlas Heap Buffer Overflow bsc1268893. - CVE-2026-56000: GLX contextTags Use-After-Free in CommonMakeCurrent bsc1268894...

9CVSS6.1AI score0.00212EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-56001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server t...

8.8CVSS6.4AI score0.0038EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.7AI score0.0014EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2026-1790)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1790 advisory. A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer...

7.8CVSS7.4AI score0.00485EPSS
Exploits0References20
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:31 a.m.8 views

CVE-2026-50257

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS5.4AI score0.00142EPSS
Exploits0References24
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

X.Org Server 资源管理错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. Xwayland is an open-source communication protocol developed by Xwayland that defines the communication methods between the display server and its clients. There are resource management vulnerabilities in both...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/05/28 11:42 a.m.14 views

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

RHEL 9 : xorg-x11-server (RHSA-2026:20555)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20555 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...

9.1CVSS5.9AI score0.00489EPSS
Exploits0References12
OSV
OSV
added 2026/05/26 10:7 a.m.12 views

RHSA-2026:20558 Red Hat Security Advisory: xorg-x11-server security update

Bulletin has no description...

7.8CVSS5.7AI score0.00489EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2026/05/26 3:26 a.m.16 views

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 2:58 a.m.14 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

7.8CVSS7.1AI score0.00565EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/28 3:1 p.m.7 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.4AI score0.00264EPSS
Exploits0References4
Fedora
Fedora
added 2026/04/25 1:57 a.m.8 views

[SECURITY] Fedora 44 Update: xorg-x11-server-21.1.22-1.fc44

X.Org X11 X server...

9.1CVSS5.1AI score0.00489EPSS
Exploits0
Rows per page
Query Builder