8 matches found
Astra Linux – Vulnerability in xorg-server
A flaw related to out-of-bounds memory access was discovered in the X.Org server. This issue can occur when a device that has been frozen by a sync operation is reattached to a different master device. This issue may result in an application crashing, local privilege escalation if the server runs...
Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
...
Important: xorg-x11-server
Issue Overview: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer NOTE: https://lists.x.org/archives/xorg/2024-January/061525.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3 CVE-2023-6816 Reattaching to different master device...
AZL-44880 CVE-2024-0229 affecting package xorg-x11-server 1.20.10-6
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...
AZL-34214 CVE-2024-0229 affecting package xorg-x11-server for versions less than 1.20.10-12
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...
USN-6587-1 xorg-server, xwayland vulnerabilities
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. CVE-2023-6816 Jan-Nikl...
libvirt: several API calls do not honour read-only connection
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...
DEBIAN-CVE-2011-1146
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...