8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.036 Low
EPSS
Percentile
91.7%
A vulnerability was found in X.Org. This security flaw occurs because the
handler for the XvdiSelectVideoNotify request may write to memory after it
has been freed. This issue can lead to local privileges elevation on
systems where the X se
Author | Note |
---|---|
mdeslaur | xorg server is actually the xorg-server package the xorg package only contains docs xwayland package contains parts of xorg-server This is ZDI-CAN-19400 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | xorg-server | < 2:1.19.6-1ubuntu4.13 | UNKNOWN |
ubuntu | 20.04 | noarch | xorg-server | < 2:1.20.13-1ubuntu1~20.04.5 | UNKNOWN |
ubuntu | 22.04 | noarch | xorg-server | < 2:21.1.3-2ubuntu2.5 | UNKNOWN |
ubuntu | 22.10 | noarch | xorg-server | < 2:21.1.4-2ubuntu1.3 | UNKNOWN |
ubuntu | 23.04 | noarch | xorg-server | < 2:21.1.5-1ubuntu1 | UNKNOWN |
ubuntu | 14.04 | noarch | xorg-server | < 2:1.15.1-0ubuntu2.11+esm7 | UNKNOWN |
ubuntu | 16.04 | noarch | xorg-server | < 2:1.18.4-0ubuntu0.12+esm5 | UNKNOWN |
ubuntu | 16.04 | noarch | xorg-server-hwe-16.04 | < 2:1.19.6-1ubuntu4.1~16.04.6+esm4 | UNKNOWN |
ubuntu | 18.04 | noarch | xorg-server-hwe-18.04 | < 2:1.20.8-2ubuntu2.2~18.04.9 | UNKNOWN |
ubuntu | 22.04 | noarch | xwayland | < 2:22.1.1-1ubuntu0.4 | UNKNOWN |