| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Privilege escalation |
|
| Description |
| + |
A security issue has been found in xorg-server before version 1.20.11 and xorg-xwayland before version 21.1.1. Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. These issues can lead to privilege escalation for authorized clients on systems where the X server is running privileged. |
|
| References |
| + |
https://lists.x.org/archives/xorg-announce/2021-April/003080.html |
| + |
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/653 |
| + |
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd |
|
| Notes |
|