534 matches found
CVE-2026-50261 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
EUVD-2026-34817
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
CVE-2026-50257
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...
Important: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
[SECURITY] Fedora 44 Update: xorg-x11-server-Xwayland-24.1.12-1.fc44
Xwayland is an X server for running X clients under Wayland...
openSUSE 16 Security Update : putty (openSUSE-SU-2026:20851-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20851-1 advisory. Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion...
OPENSUSE-SU-2026:20851-1 Security update for putty
This update for putty fixes the following issues: Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion failure - program termination in NIST ECDSA signature verification. Fixed marking of Telnet and...
RLSA-2026:19343 Important: xorg-x11-server security update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling...
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
Astra Linux - уязвимость в wayland
An internal reference count is maintained on the buffer pool; this count increments every time a new buffer is created from the pool. The reference count is stored as an integer. On LP64 systems, this can lead to an overflow if the client creates a large number of wlshm buffer objects, or if it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switching to a new plane state requires unreferencing all held surfaces. In the work required for mob cursors, the mapped surfaces started being cached, but th...
Astra Linux - уязвимость в xwayland, xorg-server
A flaw was discovered in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests...
Astra Linux - уязвимость в chromium
Before version 101.0.4951.41, using free after in the Ozone browser extension in Google Chrome allowed a remote attacker to potentially exploit heap corruption by running a Wayland test...
Astra Linux - уязвимость в xorg-server, xwayland
A buffer overflow vulnerability was discovered in X.Org and Xwayland. The function GetBarrierDevice searches for the pointer device based on its device ID and returns the matching value, or NULL, if no match is found. However, if no matching device ID is found, the code will return the last eleme...
[SECURITY] Fedora 42 Update: xorg-x11-server-Xwayland-24.1.11-1.fc42
Xwayland is an X server for running X clients under Wayland...
OESA-2026-2143 xorg-x11-server-xwayland security update
Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...
[SECURITY] Fedora 42 Update: emacs-30.2-2.fc42
GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for Wayland, using t...
xorg-x11-server-Xwayland security update
An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under Wayland...
Fedora 44 : emacs (2026-ea9adf4496)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ea9adf4496 advisory. Recent KDEs default to Wayland, so Suggest PGTK build there. ---- libpixbufloader-xpm.so no-longer required with recent Glycin. Tenable has extracted the...
[SECURITY] Fedora 44 Update: xorg-x11-server-Xwayland-24.1.10-1.fc44
Xwayland is an X server for running X clients under Wayland...