ALAS2-2023-2335 --- xorg-x11-serverID: oval:org.secpod.oval:def:1701934 | Date: (C)2023-11-24 (M)2024-05-09 |
Class: PATCH | Family: unix |
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed