Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    96 vulnerabilities found for xorg-server by X.Org

    CVE-2026-55999 (GCVE-0-2026-55999)

    Vulnerability from nvd – Published: 2026-07-08 08:07 – Updated: 2026-07-09 03:55
    VLAI
    Title
    xorg-server / xwayland glamor font atlas Heap Buffer Overflow
    Summary
    Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    X.Org xorg-server Affected: 0 , < 21.1.24 (rpm)
    Create a notification for this product.
    X.Org xwayland Affected: 0 , < 24.1.13 (rpm)
    Create a notification for this product.
    Date Public
    2026-07-08 07:51
    Credits
    Anonymous working with Trend Micro Zero Day Initiative.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55999",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-08T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T03:55:43.683Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "product": "xorg-server",
              "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
              "vendor": "X.Org",
              "versions": [
                {
                  "lessThan": "21.1.24",
                  "status": "affected",
                  "version": "0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "xwayland",
              "product": "xwayland",
              "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
              "vendor": "X.Org",
              "versions": [
                {
                  "lessThan": "24.1.13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Anonymous working with Trend Micro Zero Day Initiative."
            }
          ],
          "datePublic": "2026-07-08T07:51:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local attackers with a X connection able to provide PCX fonts to the X \nserver xorg-server before 21.2.24 and xwayland before 24.1.13 could \ncause a heap buffer overflow via SetFont due to missing glyph boundary checks."
                }
              ],
              "value": "Local attackers with a X connection able to provide PCX fonts to the X \nserver xorg-server before 21.2.24 and xwayland before 24.1.13 could \ncause a heap buffer overflow via SetFont due to missing glyph boundary checks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-234",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-234 Hijacking a privileged process"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based buffer overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T08:12:17.088Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/fbf7bac22e2c6bd627fb042742a23318263edae1"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2026/07/08/2"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "xorg-server / xwayland glamor font atlas Heap Buffer Overflow",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2026-55999",
        "datePublished": "2026-07-08T08:07:11.088Z",
        "dateReserved": "2026-06-18T09:26:55.988Z",
        "dateUpdated": "2026-07-09T03:55:43.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0409 (GCVE-0-2024-0409)

    Vulnerability from nvd – Published: 2024-01-18 15:40 – Updated: 2025-11-20 07:09
    VLAI
    Title
    Xorg-x11-server: selinux context corruption
    Summary
    A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Olivier Fourdan for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.708Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0409"
              },
              {
                "name": "RHBZ#2257690",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0409",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T16:47:29.032982Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:21.164Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Olivier Fourdan for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:09:01.279Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0409"
            },
            {
              "name": "RHBZ#2257690",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: selinux context corruption",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0409",
        "datePublished": "2024-01-18T15:40:22.071Z",
        "dateReserved": "2024-01-10T21:15:38.712Z",
        "dateUpdated": "2025-11-20T07:09:01.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0408 (GCVE-0-2024-0408)

    Vulnerability from nvd – Published: 2024-01-18 15:40 – Updated: 2025-11-20 07:08
    VLAI
    Title
    Xorg-x11-server: selinux unlabeled glx pbuffer
    Summary
    A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-158 - Improper Neutralization of Null Byte or NUL Character
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Donn Seeley and Olivier Fourdan for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.597Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0408"
              },
              {
                "name": "RHBZ#2257689",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0408",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T17:14:07.799441Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:21.038Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Donn Seeley and Olivier Fourdan for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-158",
                  "description": "Improper Neutralization of Null Byte or NUL Character",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:08:59.547Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0408"
            },
            {
              "name": "RHBZ#2257689",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: selinux unlabeled glx pbuffer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-158: Improper Neutralization of Null Byte or NUL Character"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0408",
        "datePublished": "2024-01-18T15:40:06.955Z",
        "dateReserved": "2024-01-10T21:13:58.095Z",
        "dateUpdated": "2025-11-20T07:08:59.547Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6816 (GCVE-0-2023-6816)

    Vulnerability from nvd – Published: 2024-01-18 04:31 – Updated: 2026-03-19 21:23
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
    Summary
    A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6816 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2257691 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/01/18/1 x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202401-30 x_transferred
    https://security.netapp.com/advisory/ntap-2024030… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:42:07.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/18/1"
              },
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
              },
              {
                "name": "RHBZ#2257691",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:05:47.630340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:20.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\u0027s particular number of buttons, leading to a heap overflow if a bigger value was used."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-19T21:23:24.417Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
            },
            {
              "name": "RHBZ#2257691",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6816",
        "datePublished": "2024-01-18T04:31:07.908Z",
        "dateReserved": "2023-12-14T04:34:38.017Z",
        "dateUpdated": "2026-03-19T21:23:24.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-1393 (GCVE-0-2023-1393)

    Vulnerability from nvd – Published: 2023-03-30 00:00 – Updated: 2026-01-22 04:55
    VLAI
    Summary
    A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-server Affected: xorg-server 21.1.8
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1"
              },
              {
                "name": "FEDORA-2023-eb3c27ff25",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/"
              },
              {
                "name": "FEDORA-2023-b7835960ac",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/"
              },
              {
                "name": "FEDORA-2023-b87fd3a628",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/"
              },
              {
                "name": "FEDORA-2023-f754e7abfd",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/"
              },
              {
                "name": "FEDORA-2023-66d5af0278",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/"
              },
              {
                "name": "FEDORA-2023-239bae4b57",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/"
              },
              {
                "name": "FEDORA-2023-fe18ae3e85",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/"
              },
              {
                "name": "FEDORA-2023-6f3f9ee721",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/"
              },
              {
                "name": "GLSA-202305-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-21T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-22T04:55:52.536Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-server 21.1.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-23T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1"
            },
            {
              "name": "FEDORA-2023-eb3c27ff25",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/"
            },
            {
              "name": "FEDORA-2023-b7835960ac",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/"
            },
            {
              "name": "FEDORA-2023-b87fd3a628",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/"
            },
            {
              "name": "FEDORA-2023-f754e7abfd",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/"
            },
            {
              "name": "FEDORA-2023-66d5af0278",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/"
            },
            {
              "name": "FEDORA-2023-239bae4b57",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/"
            },
            {
              "name": "FEDORA-2023-fe18ae3e85",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/"
            },
            {
              "name": "FEDORA-2023-6f3f9ee721",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/"
            },
            {
              "name": "GLSA-202305-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202305-30"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-1393",
        "datePublished": "2023-03-30T00:00:00.000Z",
        "dateReserved": "2023-03-14T00:00:00.000Z",
        "dateUpdated": "2026-01-22T04:55:52.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4283 (GCVE-0-2022-4283)

    Vulnerability from nvd – Published: 2022-12-14 00:00 – Updated: 2025-04-14 18:13
    VLAI
    Summary
    A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • use-after-free
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server-1.20.4
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:34:49.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2022-4283"
              },
              {
                "name": "FEDORA-2022-c3a65f7c65",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"
              },
              {
                "name": "FEDORA-2022-721a78b7e5",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"
              },
              {
                "name": "DSA-5304",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5304"
              },
              {
                "name": "FEDORA-2022-dd3eb7e0a8",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-30"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-14T15:16:33.555711Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-14T18:13:03.382Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server-1.20.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "use-after-free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:08:33.737Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761"
            },
            {
              "url": "https://access.redhat.com/security/cve/CVE-2022-4283"
            },
            {
              "name": "FEDORA-2022-c3a65f7c65",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"
            },
            {
              "name": "FEDORA-2022-721a78b7e5",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"
            },
            {
              "name": "DSA-5304",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5304"
            },
            {
              "name": "FEDORA-2022-dd3eb7e0a8",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-30"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-4283",
        "datePublished": "2022-12-14T00:00:00.000Z",
        "dateReserved": "2022-12-05T00:00:00.000Z",
        "dateUpdated": "2025-04-14T18:13:03.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2320 (GCVE-0-2022-2320)

    Vulnerability from nvd – Published: 2022-09-01 00:00 – Updated: 2024-08-03 00:32
    VLAI
    Summary
    A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server 21.1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.611Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-963/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
              },
              {
                "name": "GLSA-202210-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server 21.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-04T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
            },
            {
              "url": "https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-963/"
            },
            {
              "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
            },
            {
              "name": "GLSA-202210-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-30"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-2320",
        "datePublished": "2022-09-01T00:00:00.000Z",
        "dateReserved": "2022-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T00:32:09.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2319 (GCVE-0-2022-2319)

    Vulnerability from nvd – Published: 2022-09-01 00:00 – Updated: 2024-08-03 00:32
    VLAI
    Summary
    A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server 21.1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-964/"
              },
              {
                "name": "GLSA-202210-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server 21.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1320",
                  "description": "CWE-1320",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-04T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
            },
            {
              "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-964/"
            },
            {
              "name": "GLSA-202210-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-30"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-2319",
        "datePublished": "2022-09-01T00:00:00.000Z",
        "dateReserved": "2022-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T00:32:09.879Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14362 (GCVE-0-2020-14362)

    Vulnerability from nvd – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:46
    VLAI
    Summary
    A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:46:33.327Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1419/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1419/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14362",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:46:33.327Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14361 (GCVE-0-2020-14361)

    Vulnerability from nvd – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:46
    VLAI
    Summary
    A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:46:33.907Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1418/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1418/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14361",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:46:33.907Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14346 (GCVE-0-2020-14346)

    Vulnerability from nvd – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:39
    VLAI
    Summary
    A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:39:36.531Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1417/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1417/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14346",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:39:36.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14347 (GCVE-0-2020-14347)

    Vulnerability from nvd – Published: 2020-08-05 13:08 – Updated: 2024-08-04 12:39
    VLAI
    Summary
    A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:39:36.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
              },
              {
                "name": "openSUSE-SU-2020:1279",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
              },
              {
                "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
              },
              {
                "name": "openSUSE-SU-2020:1302",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
              },
              {
                "name": "DSA-4758",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4758"
              },
              {
                "name": "USN-4488-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-1/"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "The Xorg Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-665",
                  "description": "CWE-665",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-07T01:06:22.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
            },
            {
              "name": "openSUSE-SU-2020:1279",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
            },
            {
              "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
            },
            {
              "name": "openSUSE-SU-2020:1302",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
            },
            {
              "name": "DSA-4758",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4758"
            },
            {
              "name": "USN-4488-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4488-1/"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2020-14347",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "xorg-x11-server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.20.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The Xorg Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-665"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html",
                  "refsource": "MISC",
                  "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
                },
                {
                  "name": "https://www.openwall.com/lists/oss-security/2020/07/31/2",
                  "refsource": "MISC",
                  "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
                },
                {
                  "name": "openSUSE-SU-2020:1279",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
                },
                {
                  "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
                },
                {
                  "name": "openSUSE-SU-2020:1302",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
                },
                {
                  "name": "DSA-4758",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4758"
                },
                {
                  "name": "USN-4488-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4488-1/"
                },
                {
                  "name": "USN-4488-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4488-2/"
                },
                {
                  "name": "GLSA-202012-01",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202012-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14347",
        "datePublished": "2020-08-05T13:08:43.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:39:36.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14665 (GCVE-0-2018-14665)

    Vulnerability from nvd – Published: 2018-10-25 20:00 – Updated: 2024-08-05 09:38
    VLAI
    Summary
    A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:13.000Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45742",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45742/"
              },
              {
                "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
              },
              {
                "name": "45922",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45922/"
              },
              {
                "name": "USN-3802-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3802-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
              },
              {
                "name": "45697",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45697/"
              },
              {
                "name": "RHSA-2018:3410",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:3410"
              },
              {
                "name": "105741",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105741"
              },
              {
                "name": "45908",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45908/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
              },
              {
                "name": "46142",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/46142/"
              },
              {
                "name": "GLSA-201810-09",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201810-09"
              },
              {
                "name": "1041948",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041948"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
              },
              {
                "name": "45832",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45832/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
              },
              {
                "name": "45938",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45938/"
              },
              {
                "name": "DSA-4328",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4328"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-12T20:07:22.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "45742",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45742/"
            },
            {
              "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
            },
            {
              "name": "45922",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45922/"
            },
            {
              "name": "USN-3802-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3802-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
            },
            {
              "name": "45697",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45697/"
            },
            {
              "name": "RHSA-2018:3410",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:3410"
            },
            {
              "name": "105741",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105741"
            },
            {
              "name": "45908",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45908/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
            },
            {
              "name": "46142",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/46142/"
            },
            {
              "name": "GLSA-201810-09",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201810-09"
            },
            {
              "name": "1041948",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041948"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
            },
            {
              "name": "45832",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45832/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
            },
            {
              "name": "45938",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45938/"
            },
            {
              "name": "DSA-4328",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4328"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2018-14665",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45742",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45742/"
                },
                {
                  "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
                },
                {
                  "name": "45922",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45922/"
                },
                {
                  "name": "USN-3802-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3802-1/"
                },
                {
                  "name": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e",
                  "refsource": "CONFIRM",
                  "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
                },
                {
                  "name": "45697",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45697/"
                },
                {
                  "name": "RHSA-2018:3410",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2018:3410"
                },
                {
                  "name": "105741",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105741"
                },
                {
                  "name": "45908",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45908/"
                },
                {
                  "name": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html",
                  "refsource": "MISC",
                  "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
                },
                {
                  "name": "46142",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/46142/"
                },
                {
                  "name": "GLSA-201810-09",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201810-09"
                },
                {
                  "name": "1041948",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041948"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
                },
                {
                  "name": "45832",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45832/"
                },
                {
                  "name": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170",
                  "refsource": "CONFIRM",
                  "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
                },
                {
                  "name": "45938",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45938/"
                },
                {
                  "name": "DSA-4328",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4328"
                },
                {
                  "name": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-14665",
        "datePublished": "2018-10-25T20:00:00.000Z",
        "dateReserved": "2018-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:38:13.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-2624 (GCVE-0-2017-2624)

    Vulnerability from nvd – Published: 2018-07-27 18:00 – Updated: 2024-08-05 14:02
    VLAI
    Summary
    It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Xorg xorg-x11-server Affected: 1.19.0
    Create a notification for this product.
    Date Public
    2018-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:02:06.893Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c"
              },
              {
                "name": "1037919",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037919"
              },
              {
                "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
              },
              {
                "name": "GLSA-201710-30",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201710-30"
              },
              {
                "name": "96480",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/96480"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "Xorg",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.19.0"
                }
              ]
            }
          ],
          "datePublic": "2018-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-08-03T17:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c"
            },
            {
              "name": "1037919",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037919"
            },
            {
              "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
            },
            {
              "name": "GLSA-201710-30",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201710-30"
            },
            {
              "name": "96480",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/96480"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-2624",
        "datePublished": "2018-07-27T18:00:00.000Z",
        "dateReserved": "2016-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:02:06.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-12183 (GCVE-0-2017-12183)

    Vulnerability from nvd – Published: 2018-01-24 15:00 – Updated: 2024-09-16 19:21
    VLAI
    Summary
    xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4000",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2017/dsa-4000"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
              },
              {
                "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
              },
              {
                "name": "GLSA-201711-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201711-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "The X.Org Foundation",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.19.5"
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-391",
                  "description": "CWE-391",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "DSA-4000",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2017/dsa-4000"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
            },
            {
              "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
            },
            {
              "name": "GLSA-201711-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201711-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-12183",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "xorg-x11-server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.19.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The X.Org Foundation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-391"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4000",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2017/dsa-4000"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
                },
                {
                  "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
                },
                {
                  "name": "GLSA-201711-05",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201711-05"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12183",
        "datePublished": "2018-01-24T15:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:21:10.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-55999 (GCVE-0-2026-55999)

    Vulnerability from cvelistv5 – Published: 2026-07-08 08:07 – Updated: 2026-07-09 03:55
    VLAI
    Title
    xorg-server / xwayland glamor font atlas Heap Buffer Overflow
    Summary
    Local attackers with a X connection able to provide PCX fonts to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a heap buffer overflow via SetFont due to missing glyph boundary checks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    X.Org xorg-server Affected: 0 , < 21.1.24 (rpm)
    Create a notification for this product.
    X.Org xwayland Affected: 0 , < 24.1.13 (rpm)
    Create a notification for this product.
    Date Public
    2026-07-08 07:51
    Credits
    Anonymous working with Trend Micro Zero Day Initiative.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-55999",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-08T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-09T03:55:43.683Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "product": "xorg-server",
              "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
              "vendor": "X.Org",
              "versions": [
                {
                  "lessThan": "21.1.24",
                  "status": "affected",
                  "version": "0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "packageName": "xwayland",
              "product": "xwayland",
              "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
              "vendor": "X.Org",
              "versions": [
                {
                  "lessThan": "24.1.13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Anonymous working with Trend Micro Zero Day Initiative."
            }
          ],
          "datePublic": "2026-07-08T07:51:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local attackers with a X connection able to provide PCX fonts to the X \nserver xorg-server before 21.2.24 and xwayland before 24.1.13 could \ncause a heap buffer overflow via SetFont due to missing glyph boundary checks."
                }
              ],
              "value": "Local attackers with a X connection able to provide PCX fonts to the X \nserver xorg-server before 21.2.24 and xwayland before 24.1.13 could \ncause a heap buffer overflow via SetFont due to missing glyph boundary checks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-234",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-234 Hijacking a privileged process"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based buffer overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-08T08:12:17.088Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/fbf7bac22e2c6bd627fb042742a23318263edae1"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2026/07/08/2"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "xorg-server / xwayland glamor font atlas Heap Buffer Overflow",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2026-55999",
        "datePublished": "2026-07-08T08:07:11.088Z",
        "dateReserved": "2026-06-18T09:26:55.988Z",
        "dateUpdated": "2026-07-09T03:55:43.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0409 (GCVE-0-2024-0409)

    Vulnerability from cvelistv5 – Published: 2024-01-18 15:40 – Updated: 2025-11-20 07:09
    VLAI
    Title
    Xorg-x11-server: selinux context corruption
    Summary
    A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Olivier Fourdan for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.708Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0409"
              },
              {
                "name": "RHBZ#2257690",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0409",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T16:47:29.032982Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:21.164Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Olivier Fourdan for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:09:01.279Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0409"
            },
            {
              "name": "RHBZ#2257690",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: selinux context corruption",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0409",
        "datePublished": "2024-01-18T15:40:22.071Z",
        "dateReserved": "2024-01-10T21:15:38.712Z",
        "dateUpdated": "2025-11-20T07:09:01.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0408 (GCVE-0-2024-0408)

    Vulnerability from cvelistv5 – Published: 2024-01-18 15:40 – Updated: 2025-11-20 07:08
    VLAI
    Title
    Xorg-x11-server: selinux unlabeled glx pbuffer
    Summary
    A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-158 - Improper Neutralization of Null Byte or NUL Character
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Donn Seeley and Olivier Fourdan for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:04:49.597Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0408"
              },
              {
                "name": "RHBZ#2257689",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0408",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T17:14:07.799441Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:21.038Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Donn Seeley and Olivier Fourdan for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-158",
                  "description": "Improper Neutralization of Null Byte or NUL Character",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:08:59.547Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0408"
            },
            {
              "name": "RHBZ#2257689",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: selinux unlabeled glx pbuffer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-158: Improper Neutralization of Null Byte or NUL Character"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0408",
        "datePublished": "2024-01-18T15:40:06.955Z",
        "dateReserved": "2024-01-10T21:13:58.095Z",
        "dateUpdated": "2025-11-20T07:08:59.547Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6816 (GCVE-0-2023-6816)

    Vulnerability from cvelistv5 – Published: 2024-01-18 04:31 – Updated: 2026-03-19 21:23
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
    Summary
    A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6816 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2257691 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/01/18/1 x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202401-30 x_transferred
    https://security.netapp.com/advisory/ntap-2024030… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:42:07.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/18/1"
              },
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
              },
              {
                "name": "RHBZ#2257691",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:05:47.630340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:20.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\u0027s particular number of buttons, leading to a heap overflow if a bigger value was used."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-19T21:23:24.417Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
            },
            {
              "name": "RHBZ#2257691",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6816",
        "datePublished": "2024-01-18T04:31:07.908Z",
        "dateReserved": "2023-12-14T04:34:38.017Z",
        "dateUpdated": "2026-03-19T21:23:24.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-1393 (GCVE-0-2023-1393)

    Vulnerability from cvelistv5 – Published: 2023-03-30 00:00 – Updated: 2026-01-22 04:55
    VLAI
    Summary
    A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-server Affected: xorg-server 21.1.8
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:49:11.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1"
              },
              {
                "name": "FEDORA-2023-eb3c27ff25",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/"
              },
              {
                "name": "FEDORA-2023-b7835960ac",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/"
              },
              {
                "name": "FEDORA-2023-b87fd3a628",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/"
              },
              {
                "name": "FEDORA-2023-f754e7abfd",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/"
              },
              {
                "name": "FEDORA-2023-66d5af0278",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/"
              },
              {
                "name": "FEDORA-2023-239bae4b57",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/"
              },
              {
                "name": "FEDORA-2023-fe18ae3e85",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/"
              },
              {
                "name": "FEDORA-2023-6f3f9ee721",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/"
              },
              {
                "name": "GLSA-202305-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-21T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-22T04:55:52.536Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-server 21.1.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-07-23T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1"
            },
            {
              "name": "FEDORA-2023-eb3c27ff25",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/"
            },
            {
              "name": "FEDORA-2023-b7835960ac",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/"
            },
            {
              "name": "FEDORA-2023-b87fd3a628",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/"
            },
            {
              "name": "FEDORA-2023-f754e7abfd",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/"
            },
            {
              "name": "FEDORA-2023-66d5af0278",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/"
            },
            {
              "name": "FEDORA-2023-239bae4b57",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/"
            },
            {
              "name": "FEDORA-2023-fe18ae3e85",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/"
            },
            {
              "name": "FEDORA-2023-6f3f9ee721",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/"
            },
            {
              "name": "GLSA-202305-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202305-30"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-1393",
        "datePublished": "2023-03-30T00:00:00.000Z",
        "dateReserved": "2023-03-14T00:00:00.000Z",
        "dateUpdated": "2026-01-22T04:55:52.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4283 (GCVE-0-2022-4283)

    Vulnerability from cvelistv5 – Published: 2022-12-14 00:00 – Updated: 2025-04-14 18:13
    VLAI
    Summary
    A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • use-after-free
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server-1.20.4
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:34:49.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2022-4283"
              },
              {
                "name": "FEDORA-2022-c3a65f7c65",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"
              },
              {
                "name": "FEDORA-2022-721a78b7e5",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"
              },
              {
                "name": "DSA-5304",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5304"
              },
              {
                "name": "FEDORA-2022-dd3eb7e0a8",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-30"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-14T15:16:33.555711Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-14T18:13:03.382Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server-1.20.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "use-after-free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:08:33.737Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761"
            },
            {
              "url": "https://access.redhat.com/security/cve/CVE-2022-4283"
            },
            {
              "name": "FEDORA-2022-c3a65f7c65",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"
            },
            {
              "name": "FEDORA-2022-721a78b7e5",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"
            },
            {
              "name": "DSA-5304",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5304"
            },
            {
              "name": "FEDORA-2022-dd3eb7e0a8",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-30"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-4283",
        "datePublished": "2022-12-14T00:00:00.000Z",
        "dateReserved": "2022-12-05T00:00:00.000Z",
        "dateUpdated": "2025-04-14T18:13:03.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2320 (GCVE-0-2022-2320)

    Vulnerability from cvelistv5 – Published: 2022-09-01 00:00 – Updated: 2024-08-03 00:32
    VLAI
    Summary
    A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server 21.1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.611Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-963/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
              },
              {
                "name": "GLSA-202210-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server 21.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-04T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
            },
            {
              "url": "https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-963/"
            },
            {
              "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
            },
            {
              "name": "GLSA-202210-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-30"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-2320",
        "datePublished": "2022-09-01T00:00:00.000Z",
        "dateReserved": "2022-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T00:32:09.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-2319 (GCVE-0-2022-2319)

    Vulnerability from cvelistv5 – Published: 2022-09-01 00:00 – Updated: 2024-08-03 00:32
    VLAI
    Summary
    A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: xorg-x11-server 21.1
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:32:09.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-964/"
              },
              {
                "name": "GLSA-202210-30",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "xorg-x11-server 21.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1320",
                  "description": "CWE-1320",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-04T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/938"
            },
            {
              "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/939"
            },
            {
              "url": "https://lists.freedesktop.org/archives/xorg-announce/2022-July/003192.html"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-964/"
            },
            {
              "name": "GLSA-202210-30",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-30"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20221104-0003/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2022-2319",
        "datePublished": "2022-09-01T00:00:00.000Z",
        "dateReserved": "2022-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-03T00:32:09.879Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14362 (GCVE-0-2020-14362)

    Vulnerability from cvelistv5 – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:46
    VLAI
    Summary
    A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:46:33.327Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1419/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1419/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14362",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:46:33.327Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14361 (GCVE-0-2020-14361)

    Vulnerability from cvelistv5 – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:46
    VLAI
    Summary
    A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:46:33.907Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1418/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1418/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14361",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:46:33.907Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14346 (GCVE-0-2020-14346)

    Vulnerability from cvelistv5 – Published: 2020-09-15 00:00 – Updated: 2024-08-04 12:39
    VLAI
    Summary
    A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    Severity
    No CVSS data available.
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    n/a xorg-x11-server Affected: before xorg-x11-server 1.20.9
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:39:36.531Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1417/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before xorg-x11-server 1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://lists.x.org/archives/xorg-announce/2020-August/003058.html"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1417/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14346",
        "datePublished": "2020-09-15T00:00:00.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:39:36.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-14347 (GCVE-0-2020-14347)

    Vulnerability from cvelistv5 – Published: 2020-08-05 13:08 – Updated: 2024-08-04 12:39
    VLAI
    Summary
    A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:39:36.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
              },
              {
                "name": "openSUSE-SU-2020:1279",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
              },
              {
                "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
              },
              {
                "name": "openSUSE-SU-2020:1302",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
              },
              {
                "name": "DSA-4758",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4758"
              },
              {
                "name": "USN-4488-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-1/"
              },
              {
                "name": "USN-4488-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4488-2/"
              },
              {
                "name": "GLSA-202012-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202012-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "The Xorg Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.20.9"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-665",
                  "description": "CWE-665",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-07T01:06:22.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
            },
            {
              "name": "openSUSE-SU-2020:1279",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
            },
            {
              "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
            },
            {
              "name": "openSUSE-SU-2020:1302",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
            },
            {
              "name": "DSA-4758",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4758"
            },
            {
              "name": "USN-4488-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4488-1/"
            },
            {
              "name": "USN-4488-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4488-2/"
            },
            {
              "name": "GLSA-202012-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202012-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2020-14347",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "xorg-x11-server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.20.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The Xorg Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-665"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html",
                  "refsource": "MISC",
                  "url": "https://lists.x.org/archives/xorg-announce/2020-July/003051.html"
                },
                {
                  "name": "https://www.openwall.com/lists/oss-security/2020/07/31/2",
                  "refsource": "MISC",
                  "url": "https://www.openwall.com/lists/oss-security/2020/07/31/2"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14347"
                },
                {
                  "name": "openSUSE-SU-2020:1279",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00066.html"
                },
                {
                  "name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2359-1] xorg-server security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00057.html"
                },
                {
                  "name": "openSUSE-SU-2020:1302",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00075.html"
                },
                {
                  "name": "DSA-4758",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4758"
                },
                {
                  "name": "USN-4488-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4488-1/"
                },
                {
                  "name": "USN-4488-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4488-2/"
                },
                {
                  "name": "GLSA-202012-01",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202012-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2020-14347",
        "datePublished": "2020-08-05T13:08:43.000Z",
        "dateReserved": "2020-06-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T12:39:36.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14665 (GCVE-0-2018-14665)

    Vulnerability from cvelistv5 – Published: 2018-10-25 20:00 – Updated: 2024-08-05 09:38
    VLAI
    Summary
    A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:13.000Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45742",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45742/"
              },
              {
                "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
              },
              {
                "name": "45922",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45922/"
              },
              {
                "name": "USN-3802-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3802-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
              },
              {
                "name": "45697",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45697/"
              },
              {
                "name": "RHSA-2018:3410",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:3410"
              },
              {
                "name": "105741",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105741"
              },
              {
                "name": "45908",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45908/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
              },
              {
                "name": "46142",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/46142/"
              },
              {
                "name": "GLSA-201810-09",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201810-09"
              },
              {
                "name": "1041948",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041948"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
              },
              {
                "name": "45832",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45832/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
              },
              {
                "name": "45938",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/45938/"
              },
              {
                "name": "DSA-4328",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2018/dsa-4328"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-12T20:07:22.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "45742",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45742/"
            },
            {
              "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
            },
            {
              "name": "45922",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45922/"
            },
            {
              "name": "USN-3802-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3802-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
            },
            {
              "name": "45697",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45697/"
            },
            {
              "name": "RHSA-2018:3410",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:3410"
            },
            {
              "name": "105741",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105741"
            },
            {
              "name": "45908",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45908/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
            },
            {
              "name": "46142",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/46142/"
            },
            {
              "name": "GLSA-201810-09",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201810-09"
            },
            {
              "name": "1041948",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041948"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
            },
            {
              "name": "45832",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45832/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
            },
            {
              "name": "45938",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/45938/"
            },
            {
              "name": "DSA-4328",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4328"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2018-14665",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45742",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45742/"
                },
                {
                  "name": "[xorg-announce] 20181025 X.Org security advisory: October 25, 2018",
                  "refsource": "MLIST",
                  "url": "https://lists.x.org/archives/xorg-announce/2018-October/002927.html"
                },
                {
                  "name": "45922",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45922/"
                },
                {
                  "name": "USN-3802-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3802-1/"
                },
                {
                  "name": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e",
                  "refsource": "CONFIRM",
                  "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e"
                },
                {
                  "name": "45697",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45697/"
                },
                {
                  "name": "RHSA-2018:3410",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2018:3410"
                },
                {
                  "name": "105741",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105741"
                },
                {
                  "name": "45908",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45908/"
                },
                {
                  "name": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html",
                  "refsource": "MISC",
                  "url": "https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html"
                },
                {
                  "name": "46142",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/46142/"
                },
                {
                  "name": "GLSA-201810-09",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201810-09"
                },
                {
                  "name": "1041948",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041948"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665"
                },
                {
                  "name": "45832",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45832/"
                },
                {
                  "name": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170",
                  "refsource": "CONFIRM",
                  "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170"
                },
                {
                  "name": "45938",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/45938/"
                },
                {
                  "name": "DSA-4328",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2018/dsa-4328"
                },
                {
                  "name": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-14665",
        "datePublished": "2018-10-25T20:00:00.000Z",
        "dateReserved": "2018-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:38:13.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-2624 (GCVE-0-2017-2624)

    Vulnerability from cvelistv5 – Published: 2018-07-27 18:00 – Updated: 2024-08-05 14:02
    VLAI
    Summary
    It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Xorg xorg-x11-server Affected: 1.19.0
    Create a notification for this product.
    Date Public
    2018-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:02:06.893Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201704-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201704-03"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c"
              },
              {
                "name": "1037919",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037919"
              },
              {
                "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
              },
              {
                "name": "GLSA-201710-30",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201710-30"
              },
              {
                "name": "96480",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/96480"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "Xorg",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.19.0"
                }
              ]
            }
          ],
          "datePublic": "2018-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-08-03T17:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201704-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201704-03"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c"
            },
            {
              "name": "1037919",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037919"
            },
            {
              "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
            },
            {
              "name": "GLSA-201710-30",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201710-30"
            },
            {
              "name": "96480",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/96480"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-2624",
        "datePublished": "2018-07-27T18:00:00.000Z",
        "dateReserved": "2016-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:02:06.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-12183 (GCVE-0-2017-12183)

    Vulnerability from cvelistv5 – Published: 2018-01-24 15:00 – Updated: 2024-09-16 19:21
    VLAI
    Summary
    xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2017-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-4000",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2017/dsa-4000"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
              },
              {
                "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
              },
              {
                "name": "GLSA-201711-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/201711-05"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "xorg-x11-server",
              "vendor": "The X.Org Foundation",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.19.5"
                }
              ]
            }
          ],
          "datePublic": "2017-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-391",
                  "description": "CWE-391",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "DSA-4000",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2017/dsa-4000"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
            },
            {
              "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
            },
            {
              "name": "GLSA-201711-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/201711-05"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "DATE_PUBLIC": "2017-10-10T00:00:00",
              "ID": "CVE-2017-12183",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "xorg-x11-server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.19.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The X.Org Foundation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-391"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-4000",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2017/dsa-4000"
                },
                {
                  "name": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5",
                  "refsource": "CONFIRM",
                  "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=55caa8b08c84af2b50fbc936cf334a5a93dd7db5"
                },
                {
                  "name": "[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"
                },
                {
                  "name": "GLSA-201711-05",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/201711-05"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509224"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12183",
        "datePublished": "2018-01-24T15:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:21:10.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }