CVE-2026-50262 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds read/write in glx changedrawableattributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

CVE-2026-50262

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2024-31082)

The version of xorg-x11-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31082 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixma...

Fedora 40 : xorg-x11-server-Xwayland (2024-01a9916e9e)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-01a9916e9e advisory. xwayland 23.2.6 - CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083 Tenable has extracted the preceding description block directly from the...

xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2024-583)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-583 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially...

xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

AZL-45393 CVE-2024-31082 affecting package xorg-x11-server 1.20.10-6

A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

AZL-45300 CVE-2024-31080 affecting package xorg-x11-server 1.20.10-6

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

CVE-2024-31082

CVE-2024-31082 is a heap-based over-read in the X.Org X server (ProcAppleDRICreatePixmap()) triggered when replies use byte-swapped length values, enabling memory leakage and possible crashes. The attack can be effected by a client with a different endianness; while the attacker cannot control th...

CVE-2024-31081

CVE-2024-31081 is a heap-based buffer over-read in the X.Org server (ProcXIPassiveGrabDevice) triggered by using byte-swapped length values in replies, potentially leaking memory and causing segmentation faults when a client differs in endianness. Connected advisories confirm this CVE affects xor...

CVE-2024-31080

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

CVE-2024-31080 Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

CVE-2024-31080

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

PT-2024-2942 · Unknown +5 · Xorg-Server +5

Name of the Vulnerable Software and Affected Versions: Xorg-server affected versions not specified Description: A heap-based buffer over-read issue was found in the X.org server's ProcAppleDRICreatePixmap function. This occurs when byte-swapped length values are used in replies, potentially leadi...

UBUNTU-CVE-2024-31081

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

UBUNTU-CVE-2024-31080

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...