Search CVE reports
51 – 60 of 75 results
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data...
9 affected packages
xorg-server, xorg-server-lts-vivid, xorg-server-lts-wily, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data...
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality...
10 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-hwe-18.04 | — | — | Not in release | Not affected |
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass....
9 affected packages
xorg, xorg-hwe-16.04, xorg-server-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to...
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-lts-utopic...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data...
10 affected packages
xorg, xorg-hwe-16.04, xorg-hwe-18.04, xorg-server, xorg-server-hwe-16.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-hwe-18.04 | — | — | Not in release | Not affected |
| xorg-server | — | — | Fixed | Fixed |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Fixed |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly...
9 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | Not affected | Not affected |
| xorg-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server | — | — | Not affected | Not affected |
| xorg-server-hwe-16.04 | — | — | Not in release | Not in release |
| xorg-server-hwe-18.04 | — | — | Not in release | Not affected |
| xorg-server-lts-utopic | — | — | Not in release | Not in release |
| xorg-server-lts-vivid | — | — | Not in release | Not in release |
| xorg-server-lts-wily | — | — | Not in release | Not in release |
| xorg-server-lts-xenial | — | — | Not in release | Not in release |
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical...
8 affected packages
xorg-server-lts-wily, xorg, xorg-hwe-16.04, xorg-server, xorg-server-hwe-16.04...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg-server-lts-wily | — | — | — | Not in release |
| xorg | — | — | — | Not affected |
| xorg-hwe-16.04 | — | — | — | Not in release |
| xorg-server | — | — | — | Fixed |
| xorg-server-hwe-16.04 | — | — | — | Not in release |
| xorg-server-lts-utopic | — | — | — | Not in release |
| xorg-server-lts-vivid | — | — | — | Not in release |
| xorg-server-lts-xenial | — | — | — | Not in release |
Some fixes available 4 of 10
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp()...
10 affected packages
xorg-server, xorg-server-hwe-16.04, xorg-server-lts-quantal, xorg-server-lts-raring, xorg-server-lts-saucy...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg-server | — | — | — | — |
| xorg-server-hwe-16.04 | — | — | — | — |
| xorg-server-lts-quantal | — | — | — | — |
| xorg-server-lts-raring | — | — | — | — |
| xorg-server-lts-saucy | — | — | — | — |
| xorg-server-lts-trusty | — | — | — | — |
| xorg-server-lts-utopic | — | — | — | — |
| xorg-server-lts-vivid | — | — | — | — |
| xorg-server-lts-wily | — | — | — | — |
| xorg-server-lts-xenial | — | — | — | — |
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other problems by injecting large or...
8 affected packages
xorg, xorg-hwe-16.04, xorg-server, xorg-server-lts-utopic, xorg-server-lts-vivid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xorg | — | — | — | — |
| xorg-hwe-16.04 | — | — | — | — |
| xorg-server | — | — | — | — |
| xorg-server-lts-utopic | — | — | — | — |
| xorg-server-lts-vivid | — | — | — | — |
| xorg-server-hwe-16.04 | — | — | — | — |
| xorg-server-lts-wily | — | — | — | — |
| xorg-server-lts-xenial | — | — | — | — |