rpm package
suse/xorg-x11-server&distro=SUSE Manager Server 4.2
pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.2
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5574 | — | | | < 1.20.3-150200.22.5.79.1 | 1.20.3-150200.22.5.79.1 | Oct 25, 2023 | A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-f |
| CVE-2023-5380 | — | | | < 1.20.3-150200.22.5.79.1 | 1.20.3-150200.22.5.79.1 | Oct 25, 2023 | A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root |
| CVE-2023-5367 | — | | | < 1.20.3-150200.22.5.79.1 | 1.20.3-150200.22.5.79.1 | Oct 25, 2023 | An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrprope |
| CVE-2023-1393 | — | | | < 1.20.3-150200.22.5.72.1 | 1.20.3-150200.22.5.72.1 | Mar 30, 2023 | A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will tri |
| CVE-2023-0494 | — | | | < 1.20.3-150200.22.5.66.1 | 1.20.3-150200.22.5.66.1 | Mar 27, 2023 | A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where th |
| CVE-2022-46340 | — | | | < 1.20.3-150200.22.5.69.1 | 1.20.3-150200.22.5.69.1 | Dec 14, 2022 | A vulnerability was found in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This issue can lead |