rpm package

almalinux/xorg-x11-server-source

pkg:rpm/almalinux/xorg-x11-server-source

Vulnerabilities (58)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-4283	—	< 1.20.11-17.el9	1.20.11-17.el9	Dec 14, 2022	A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems
CVE-2022-3551	—	< 1.20.11-17.el9	1.20.11-17.el9	Oct 17, 2022	A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of t
CVE-2022-3550	—	< 1.20.11-17.el9	1.20.11-17.el9	Oct 17, 2022	A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of
CVE-2022-2320	—	< 1.20.11-9.el8	1.20.11-9.el8	Sep 1, 2022	A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw a
CVE-2022-2319	—	< 1.20.11-9.el8	1.20.11-9.el8	Sep 1, 2022	A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
CVE-2021-4011	—	< 1.20.11-5.el8	1.20.11-5.el8	Dec 17, 2021	A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4010	—	< 1.20.11-5.el8	1.20.11-5.el8	Dec 17, 2021	A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4009	—	< 1.20.11-5.el8	1.20.11-5.el8	Dec 17, 2021	A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4008	—	< 1.20.11-5.el8	1.20.11-5.el8	Dec 17, 2021	A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14360	—	< 1.20.10-1.el8	1.20.10-1.el8	Jan 20, 2021	A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25712	—	< 1.20.10-1.el8	1.20.10-1.el8	Dec 15, 2020	A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14345	—	< 1.20.10-1.el8	1.20.10-1.el8	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14362	—	< 1.20.10-1.el8	1.20.10-1.el8	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14361	—	< 1.20.10-1.el8	1.20.10-1.el8	Sep 15, 2020	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14346	—	< 1.20.10-1.el8	1.20.10-1.el8	Sep 15, 2020	A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste
CVE-2020-14363	—	< 1.20.10-1.el8	1.20.10-1.el8	Sep 11, 2020	An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confid
CVE-2020-14347	—	< 1.20.10-1.el8	1.20.10-1.el8	Aug 5, 2020	A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2020-14344	—	< 1.20.10-1.el8	1.20.10-1.el8	Aug 5, 2020	An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No

CVE-2022-4283Dec 14, 2022
affected < 1.20.11-17.el9fixed 1.20.11-17.el9
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems
CVE-2022-3551Oct 17, 2022
affected < 1.20.11-17.el9fixed 1.20.11-17.el9
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of t
CVE-2022-3550Oct 17, 2022
affected < 1.20.11-17.el9fixed 1.20.11-17.el9
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of
CVE-2022-2320Sep 1, 2022
affected < 1.20.11-9.el8fixed 1.20.11-9.el8
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw a
CVE-2022-2319Sep 1, 2022
affected < 1.20.11-9.el8fixed 1.20.11-9.el8
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
CVE-2021-4011Dec 17, 2021
affected < 1.20.11-5.el8fixed 1.20.11-5.el8
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4010Dec 17, 2021
affected < 1.20.11-5.el8fixed 1.20.11-5.el8
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4009Dec 17, 2021
affected < 1.20.11-5.el8fixed 1.20.11-5.el8
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-4008Dec 17, 2021
affected < 1.20.11-5.el8fixed 1.20.11-5.el8
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14360Jan 20, 2021
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25712Dec 15, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14345Sep 15, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14362Sep 15, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14361Sep 15, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit
CVE-2020-14346Sep 15, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste
CVE-2020-14363Sep 11, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confid
CVE-2020-14347Aug 5, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
CVE-2020-14344Aug 5, 2020
affected < 1.20.10-1.el8fixed 1.20.10-1.el8
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No

Page 3 of 3