A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
2023-12-13T07:15:31.213
2024-11-21T08:43:55.953
Modified
CVSSv3.1: 7.6 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | x.org | x_server | < 21.1.10 | Yes |
| Operating System | redhat | enterprise_linux | 6.0 | No |
| Operating System | redhat | enterprise_linux | 7.0 | No |
| Operating System | redhat | enterprise_linux | 8.0 | No |
| Operating System | redhat | enterprise_linux | 9.0 | No |
| Application | x.org | xwayland | < 23.2.3 | Yes |
| Operating System | redhat | enterprise_linux | 8.0 | No |
| Operating System | redhat | enterprise_linux | 9.0 | No |
| Operating System | redhat | enterprise_linux_eus | 9.2 | Yes |
| Operating System | debian | debian_linux | 10.0 | Yes |
| Operating System | debian | debian_linux | 11.0 | Yes |
| Operating System | debian | debian_linux | 12.0 | Yes |
| Application | tigervnc | tigervnc | - | Yes |
| Operating System | redhat | enterprise_linux | 6.0 | No |
| Operating System | redhat | enterprise_linux | 7.0 | No |
| Operating System | redhat | enterprise_linux | 8.0 | No |
| Operating System | redhat | enterprise_linux | 9.0 | No |