CVE-2025-62230

A flaw was discovered in the X.Org X server’s X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...

CVE-2025-62231

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

SUSE: Security Advisory (SUSE-SU-2025:02207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-49176

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

CVE-2025-49178

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service...

Fedora: Security Advisory (FEDORA-2025-4a832bf2b1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-26596

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

CVE-2025-26597

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

CVE-2025-26599

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow will return a BadAlloc error without validating the window tree marked just before, which leaves the...

CVE-2024-9632

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

OPENSUSE-SU-2024:10431-1 xorg-x11-7.6_1-16.2 on GA media

These are all security issues fixed in the xorg-x11-7.61-16.2 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Advisory (SUSE-SU-2024:1262-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Open redirect

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users...

Debian: Security Advisory (DSA-2364-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...