Xorg


Products by Xorg, sorted by most security vulnerabilities since 2018

Xorg X Server: 15 vulnerabilities

Xorg Libx11: 6 vulnerabilities

Xorg Server: 5 vulnerabilities

Xorg Libxi: 3 vulnerabilities

Xorg X Window System: 1 vulnerability

By the Year

In 2022 there have been 0 vulnerabilities in Xorg. Last year Xorg had 8 security vulnerabilities published. Right now, Xorg is on track to have fewer security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 8 7.95
2020 8 7.38
2019 1 7.80
2018 4 8.43

It may take a day or so for new Xorg vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Xorg Security Vulnerabilities

CVE-2021-4008 7.8 - High - December 17, 2021

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2021-4009 7.8 - High - December 17, 2021

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2021-4010 7.8 - High - December 17, 2021

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2021-4011 7.8 - High - December 17, 2021

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2021-31535 9.8 - Critical - May 27, 2021

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Classic Buffer Overflow

CVE-2020-25697 7 - High - May 26, 2021

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.

Missing Authentication for Critical Function

CVE-2021-3472 7.8 - High - April 26, 2021

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Integer underflow

CVE-2020-14360 7.8 - High - January 20, 2021

A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2020-25712 7.8 - High - December 15, 2020

A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Heap-based Buffer Overflow

CVE-2020-14362 7.8 - High - September 15, 2020

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Integer underflow

CVE-2020-14361 7.8 - High - September 15, 2020

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Integer underflow

CVE-2020-14346 7.8 - High - September 15, 2020

A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Integer underflow

CVE-2020-14345 7.8 - High - September 15, 2020

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Buffer Overflow

CVE-2020-14363 7.8 - High - September 11, 2020

An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.

Integer Overflow or Wraparound

CVE-2020-14344 6.7 - Medium - August 05, 2020

An integer overflow leading to a heap-buffer overflow was found in the X Input Method (XIM) client implemented in libX11 before version 1.6.10. As per upstream, this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.

Integer Overflow or Wraparound

CVE-2020-14347 5.5 - Medium - August 05, 2020

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.

Improper Initialization

CVE-2019-17624 7.8 - High - October 16, 2019

In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.

Memory Corruption

CVE-2018-14665 6.6 - Medium - October 25, 2018

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for the -modulepath and -logfile options when starting Xorg allows unprivileged users with the ability to log in to the system via the physical console to escalate their privileges and run arbitrary code under root privileges.

AuthZ

CVE-2018-14600 9.8 - Critical - August 24, 2018

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.

Memory Corruption

CVE-2018-14599 9.8 - Critical - August 24, 2018

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.

off-by-five

CVE-2018-14598 7.5 - High - August 24, 2018

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

Improper Input Validation

CVE-2011-4613 - February 05, 2014

The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

Permissions, Privileges, and Access Controls

CVE-2013-6425 - January 18, 2014

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

Numeric Errors

CVE-2013-6424 - January 18, 2014

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

Integer underflow

CVE-2013-1998 - June 15, 2013

Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.

Buffer Overflow

CVE-2013-1995 - June 15, 2013

X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.

Buffer Overflow

CVE-2013-1984 - June 15, 2013

Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.

Numeric Errors

CVE-2011-4028 - July 03, 2012

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.

insecure temporary file

CVE-2011-4029 - July 03, 2012

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.

Race Condition

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).