X.Org

Xwayland

36 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.28%
  • Veröffentlicht 08.07.2026 08:07:11
  • Zuletzt bearbeitet 09.07.2026 16:39:17

Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks.

  • EPSS 0.21%
  • Veröffentlicht 08.07.2026 07:36:15
  • Zuletzt bearbeitet 09.07.2026 16:39:17

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into potentially reallocated memory.

  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:36:46
  • Zuletzt bearbeitet 08.07.2026 20:16:51

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.

  • EPSS 0.13%
  • Veröffentlicht 05.06.2026 10:36:43
  • Zuletzt bearbeitet 08.07.2026 20:16:51

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosu...

  • EPSS 0.15%
  • Veröffentlicht 05.06.2026 10:36:37
  • Zuletzt bearbeitet 09.07.2026 13:17:27

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. Thi...

  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:36:33
  • Zuletzt bearbeitet 09.07.2026 13:17:27

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those cou...

  • EPSS 0.15%
  • Veröffentlicht 05.06.2026 10:36:30
  • Zuletzt bearbeitet 09.07.2026 13:17:26

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. ...

  • EPSS 0.16%
  • Veröffentlicht 05.06.2026 10:31:39
  • Zuletzt bearbeitet 09.07.2026 13:17:25

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel...

  • EPSS 0.17%
  • Veröffentlicht 05.06.2026 10:31:39
  • Zuletzt bearbeitet 09.07.2026 13:17:26

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-con...

  • EPSS 0.14%
  • Veröffentlicht 05.06.2026 10:31:22
  • Zuletzt bearbeitet 09.07.2026 13:17:25

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence ...