The problem is in the _XkbSetCompatMap() function, where incorrectly updating the heap size can lead to a buffer overflow. Exploiting the vulnerability involves sending a modified bitmap to the server; this can increase privileges when running the server as root. Remote exploitation is possible if X11 is used over SSH.
X.Org Server 21.1.4 and XWayland 24.1.4 were released to fix the vulnerability.
Users are strongly recommended to update to these versions to protect their systems.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
