Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38590
HistoryDec 24, 2022 - 7:43 a.m.

Remote Code Execution (RCE)

2022-12-2407:43:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
xorg-server
rce
remote code execution
xtestfakeinput
genericevents
stack corruption

EPSS

0.075

Percentile

94.3%

xorg-server is vulnerable to Remote Code Execution (RCE).The vulnerability exists because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request.

References