Xorg X Server
By the Year
In 2024 there have been 0 vulnerabilities in Xorg X Server. Last year X Server had 4 security vulnerabilities published. Right now, X Server is on track to have fewer security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 4 | 6.83 |
| 2022 | 3 | 7.27 |
| 2021 | 7 | 7.69 |
| 2020 | 2 | 7.80 |
| 2019 | 1 | 7.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new X Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Xorg X Server Security Vulnerabilities
An out-of-bounds write flaw was found in the xorg-x11-server
CVE-2023-5367
7.8 - High
- October 25, 2023
An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in the RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.
Memory Corruption
A use-after-free flaw was found in the xorg-x11-server
CVE-2023-5380
4.7 - Medium
- October 25, 2023
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.
Dangling pointer
A use-after-free flaw was found in xorg-x11-server-Xvfb
CVE-2023-5574
7 - High
- October 25, 2023
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service.
Dangling pointer
A vulnerability was found in X.Org
CVE-2023-0494
7.8 - High
- March 27, 2023
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Dangling pointer
A vulnerability classified as critical was found in X.org Server
CVE-2022-3550
8.8 - High
- October 17, 2022
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
Buffer Overflow
A vulnerability, which was classified as problematic, has been found in X.org Server
CVE-2022-3551
6.5 - Medium
- October 17, 2022
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
Improper Resource Shutdown or Release
A vulnerability, which was classified as problematic, was found in X.org Server
CVE-2022-3553
6.5 - Medium
- October 17, 2022
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier VDB-211053 was assigned to this vulnerability.
Improper Resource Shutdown or Release
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14
CVE-2021-4011
7.8 - High
- December 17, 2021
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14
CVE-2021-4008
7.8 - High
- December 17, 2021
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14
CVE-2021-4009
7.8 - High
- December 17, 2021
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14
CVE-2021-4010
7.8 - High
- December 17, 2021
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients
CVE-2020-25697
7 - High
- May 26, 2021
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
Missing Authentication for Critical Function
A flaw was found in xorg-x11-server in versions before 1.20.11
CVE-2021-3472
7.8 - High
- April 26, 2021
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Integer underflow
A flaw was found in the X.Org Server before version 1.20.10
CVE-2020-14360
7.8 - High
- January 20, 2021
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
A flaw was found in xorg-x11-server before 1.20.10
CVE-2020-25712
7.8 - High
- December 15, 2020
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Heap-based Buffer Overflow
A flaw was found in X.Org Server before xorg-x11-server 1.20.9
CVE-2020-14345
7.8 - High
- September 15, 2020
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Buffer Overflow
In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap
CVE-2019-17624
7.8 - High
- October 16, 2019
In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.
Memory Corruption
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file
CVE-2011-4613
- February 05, 2014
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
Permissions, Privileges, and Access Controls
Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo
CVE-2013-6425
- January 18, 2014
Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
Integer underflow
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org
CVE-2013-6424
- January 18, 2014
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
Integer underflow
The LockServer function in os/utils.c in X.Org xserver before 1.11.2
CVE-2011-4028
- July 03, 2012
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists.
Insecure Temporary File
The LockServer function in os/utils.c in X.Org xserver before 1.11.2
CVE-2011-4029
- July 03, 2012
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.
Race Condition