A security issue has been found in X.Org before version 21.1.2. The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to an out of bounds memory write. This can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions.
A security issue has been found in X.Org before version 21.1.2. The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to an out of bounds memory write. This can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions.
https://lists.x.org/archives/xorg-announce/2021-December/003122.html https://gitlab.freedesktop.org/xorg/xserver/-/commit/e56f61c79fc3cee26d83cda0f84ae56d5979f768
Vulmon