X.Org and Xwayland Buffer Overflow Vulnerability in XkbChangeTypesOfKey Function
A buffer overflow vulnerability exists in X.Org and Xwayland involving the XkbChangeTypesOfKey() function. When this function is initially called with a 0 group, it resizes the key symbols table to 0 but does not modify the key actions. If the same function is subsequently invoked with a non-zero groups value, it results in a buffer overflow because the key actions remain at an incorrect size. This could potentially allow an attacker to cause system instability or execute malicious code by manipulating the key symbols and actions.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
red hat red hat enterprise linux 10 |
||
red hat red hat enterprise linux 7 extended lifecycle support |
||
red hat red hat enterprise linux 8 |
||
red hat red hat enterprise linux 8.2 advanced update support |
||
red hat red hat enterprise linux 8.4 advanced mission critical update support |
||
red hat red hat enterprise linux 8.4 telecommunications update service |
||
red hat red hat enterprise linux 8.4 update services for sap solutions |
||
red hat red hat enterprise linux 8.6 advanced mission critical update support |
||
red hat red hat enterprise linux 8.6 telecommunications update service |
||
red hat red hat enterprise linux 8.6 update services for sap solutions |
||
red hat red hat enterprise linux 8.8 extended update support |
||
red hat red hat enterprise linux 9 |
||
red hat red hat enterprise linux 9.0 update services for sap solutions |
||
red hat red hat enterprise linux 9.2 extended update support |
||
red hat red hat enterprise linux 9.4 extended update support |
||
red hat red hat enterprise linux 6 |
||
tigervnc tigervnc - |
||
x.org x server |
||
x.org xwayland |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux 9.0 |
Vulmon