Search CVE reports
1 – 10 of 141 results
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution....
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the...
7 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xorg | Not affected | Not affected | Not affected | Not affected | Not affected |
| xorg-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-hwe-18.04 | Not in release | Not in release | Not in release | — | Not affected |
| xorg-server | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xorg-server-hwe-16.04 | Not in release | Not in release | Not in release | — | — |
| xorg-server-hwe-18.04 | Not in release | Not in release | Not in release | — | Needs evaluation |
| xwayland | Needs evaluation | Needs evaluation | Needs evaluation | — | — |