Vulnerabilities (CVE)

Filtered by vendor X.org Subscribe
Filtered by product Xorg-server
Total 47 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6816 4 Debian, Fedoraproject, Redhat and 1 more 7 Debian Linux, Fedora, Enterprise Linux Desktop and 4 more 2024-09-16 N/A 9.8 CRITICAL
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
CVE-2023-1393 2 Fedoraproject, X.org 2 Fedora, Xorg-server 2024-02-28 N/A 7.8 HIGH
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
CVE-2022-4283 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2024-02-28 N/A 7.8 HIGH
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
CVE-2022-2320 1 X.org 1 Xorg-server 2024-02-28 N/A 7.8 HIGH
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
CVE-2022-2319 1 X.org 1 Xorg-server 2024-02-28 N/A 7.8 HIGH
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
CVE-2020-14361 3 Canonical, Redhat, X.org 3 Ubuntu Linux, Enterprise Linux, Xorg-server 2024-02-28 4.6 MEDIUM 7.8 HIGH
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14346 3 Canonical, Redhat, X.org 3 Ubuntu Linux, Enterprise Linux, Xorg-server 2024-02-28 4.6 MEDIUM 7.8 HIGH
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14347 3 Canonical, Debian, X.org 3 Ubuntu Linux, Debian Linux, Xorg-server 2024-02-28 2.1 LOW 5.5 MEDIUM
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2020-14362 3 Canonical, Redhat, X.org 3 Ubuntu Linux, Enterprise Linux, Xorg-server 2024-02-28 4.6 MEDIUM 7.8 HIGH
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2017-2624 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 1.9 LOW 7.0 HIGH
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.
CVE-2018-14665 4 Canonical, Debian, Redhat and 1 more 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more 2024-02-28 7.2 HIGH 6.6 MEDIUM
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
CVE-2017-12178 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12185 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12179 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12180 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12181 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12183 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12186 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12176 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
CVE-2017-12177 2 Debian, X.org 2 Debian Linux, Xorg-server 2024-02-28 7.5 HIGH 9.8 CRITICAL
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.