There are nine new security vulnerabilities impacting the X.Org Server as well as the XWayland component. Yep, more than a decade after X.Org Server security issues began coming to light with a security research
These latest security vulnerabilities were uncovered using AI... In particular, Trend Micro's TrendAI Zero Day Initiative. TrendAI found eight of the nine vulnerabilities made public today with longtime X.Org input developer Peter Hutterer of Red Hat discovering the ninth.
The latest X.Org Server codebase vulnerabilities include:
More details on today's security disclosures via the
acknowledging it's a disaster and "it's worse than it looks", it continues holding true.These latest security vulnerabilities were uncovered using AI... In particular, Trend Micro's TrendAI Zero Day Initiative. TrendAI found eight of the nine vulnerabilities made public today with longtime X.Org input developer Peter Hutterer of Red Hat discovering the ninth.
The latest X.Org Server codebase vulnerabilities include:
* Font Alias Stack-based Buffer Overflow
* XSYNC Use-After-Free in miSyncDestroyFence()
* XKB Key Types Stack-based Buffer Overflow
* XKB SetMap Request Stack-based Buffer Overflow
* XSYNC Use-After-Free in FreeCounter()
* XSYNC Use-After-Free in SyncChangeCounter()
* GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write
* CreateSaverWindow Use-After-Free Information Disclosure
* DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write
More details on today's security disclosures via the