Описание
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| mantic | not-affected | code not present |
| noble | not-affected | code not present |
| oracular | not-affected | code not present |
| plucky | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | code not present |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2:21.1.12-1ubuntu1 |
| esm-infra-legacy/trusty | released | 2:1.15.1-0ubuntu2.11+esm11 |
| esm-infra/bionic | released | 2:1.19.6-1ubuntu4.15+esm8 |
| esm-infra/focal | released | 2:1.20.13-1ubuntu1~20.04.17 |
| esm-infra/xenial | released | 2:1.18.4-0ubuntu0.12+esm13 |
| focal | released | 2:1.20.13-1ubuntu1~20.04.17 |
| jammy | released | 2:21.1.4-2ubuntu1.7~22.04.10 |
| mantic | released | 2:21.1.7-3ubuntu2.9 |
| noble | released | 2:21.1.12-1ubuntu1 |
| oracular | released | 2:21.1.12-1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | needs-triage | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2:23.2.6-1 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | released | 2:22.1.1-1ubuntu0.13 |
| mantic | released | 2:23.2.0-1ubuntu0.6 |
| noble | not-affected | 2:23.2.6-1 |
| oracular | not-affected | 2:23.2.6-1 |
| plucky | not-affected | 2:23.2.6-1 |
| questing | not-affected | 2:23.2.6-1 |
| upstream | needs-triage |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() ...
EPSS
7.8 High
CVSS3