Description
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 13 | | | 2:24.1.6-1 |
debian 12 | | =2:21.1.7-3 || =2:21.1.7-3+deb12u1 || =2:21.1.7-3+deb12u2 || =2:21.1.7-3+deb12u3 || =2:21.1.7-3+deb12u4 || =2:21.1.7-3+deb12u5 || =2:21.1.7-3+deb12u6 || =2:21.1.7-3+deb12u7 || =2:21.1.7-3+deb12u8 || >=0 <2:21.1.7-3+deb12u9 | 2:21.1.7-3+deb12u9 |
debian 13 | | | 2:21.1.16-1 |
debian 11 | | =2:1.20.11-1 || =2:1.20.11-1+deb11u1 || =2:1.20.11-1+deb11u10 || =2:1.20.11-1+deb11u11 || =2:1.20.11-1+deb11u12 || =2:1.20.11-1+deb11u13 || =2:1.20.11-1+deb11u14 || =2:1.20.11-1+deb11u2 || =2:1.20.11-1+deb11u3 || =2:1.20.11-1+deb11u4 || =2:1.20.11-1+deb11u5 || =2:1.20.11-1+deb11u6 || =2:1.20.11-1+deb11u7 || =2:1.20.11-1+deb11u8 || =2:1.20.11-1+deb11u9 || >=0 <2:1.20.11-1+deb11u15 | 2:1.20.11-1+deb11u15 |
debian 14 | | | 2:21.1.16-1 |
debian 12 | | =2:22.1.9-1 || =2:23.1.0-1 || =2:23.1.1-1 || =2:23.2.0-1 || =2:23.2.1-1 || =2:23.2.2-1 || =2:23.2.3-1 || =2:23.2.4-1 || =2:23.2.6-1 || =2:24.0.99.901-1 || =2:24.1.0-1 || =2:24.1.10-1 || =2:24.1.11-1 || =2:24.1.2-1 || =2:24.1.3-1 || =2:24.1.4-1 || =2:24.1.4-2 || =2:24.1.4-3 || =2:24.1.5-1 || =2:24.1.6-1 || =2:24.1.8-1 || =2:24.1.9-1 | - |
debian 14 | | | 2:24.1.6-1 |
 rpm rhel9 | | | 0:1.14.1-1.el9_5.1 |
rpm rhel9 | | | 0:23.2.7-3.el9_6 |
rpm rhel7 | | - | - |
