X.org security fixes address potential ASLR bypass, heap corruption
X.org security fixes address potential ASLR bypass, heap corruption
[Security] Posted Jul 31, 2020 17:38 UTC (Fri) by coogle
The X.Org project has announced two security advisories that impact Xserver and libX11. The first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to address space layout randomization bypass. The second, impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.