Buffer Overflow Vulnerability in X.Org and Xwayland XkbVModMaskText() Function
This vulnerability allows local malicious users to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the XkbVModMaskText function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
red hat red hat enterprise linux 10 |
||
red hat red hat enterprise linux 7 extended lifecycle support |
||
red hat red hat enterprise linux 8 |
||
red hat red hat enterprise linux 8.2 advanced update support |
||
red hat red hat enterprise linux 8.4 advanced mission critical update support |
||
red hat red hat enterprise linux 8.4 telecommunications update service |
||
red hat red hat enterprise linux 8.4 update services for sap solutions |
||
red hat red hat enterprise linux 8.6 advanced mission critical update support |
||
red hat red hat enterprise linux 8.6 telecommunications update service |
||
red hat red hat enterprise linux 8.6 update services for sap solutions |
||
red hat red hat enterprise linux 8.8 extended update support |
||
red hat red hat enterprise linux 9 |
||
red hat red hat enterprise linux 9.0 update services for sap solutions |
||
red hat red hat enterprise linux 9.2 extended update support |
||
red hat red hat enterprise linux 9.4 extended update support |
||
red hat red hat enterprise linux 6 |
||
tigervnc tigervnc - |
||
x.org x server |
||
x.org xwayland |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux 9.0 |
Vulmon