X.Org Server Starts June With Nine New Security Vulnerabilities Discovered Via AI

Nine new security vulnerabilities have been discovered in the X.Org Server and XWayland component, with eight of them identified by Trend Micro's TrendAI Zero Day Initiative and the ninth by Red Hat developer Peter Hutterer. The flaws include stack-based buffer overflows, use-after-free issues, and out-of-bounds read/write vulnerabilities, marking the latest in a long-running series of security issues for the aging X.Org Server codebase.

X.Org Server Starts June With Nine New Security Vulnerabilities Discovered Via AI There are nine new security vulnerabilities impacting the X.Org Server as well as the XWayland component. Yep, more than a decade after X.Org Server security issues began coming to light with a security research These latest security vulnerabilities were uncovered using AI... In particular, Trend Micro's TrendAI Zero Day Initiative. TrendAI found eight of the nine vulnerabilities made public today with longtime X.Org input developer Peter Hutterer of Red Hat discovering the ninth. The latest X.Org Server codebase vulnerabilities include: More details on today's security disclosures via the acknowledging it's a disaster and "it's worse than it looks" https://www.phoronix.com/news/MTU1NzA , it continues holding true.These latest security vulnerabilities were uncovered using AI... In particular, Trend Micro's TrendAI Zero Day Initiative. TrendAI found eight of the nine vulnerabilities made public today with longtime X.Org input developer Peter Hutterer of Red Hat discovering the ninth. The latest X.Org Server codebase vulnerabilities include: Font Alias Stack-based Buffer Overflow XSYNC Use-After-Free in miSyncDestroyFence XKB Key Types Stack-based Buffer Overflow XKB SetMap Request Stack-based Buffer Overflow XSYNC Use-After-Free in FreeCounter XSYNC Use-After-Free in SyncChangeCounter GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write CreateSaverWindow Use-After-Free Information Disclosure DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write More details on today's security disclosures via the