Trend Micro Uncovers Yet Another X.Org Server Vulnerability: CVE-2023-1393

Written by Michael Larabel in X.Org on 29 March 2023 at 08:30 AM EDT. 305 Comments
For over a decade the X.Org Server has seen routine security disclosures in its massive codebase. Some security researchers say the situation is even worse than it looks, and researchers frequently find several vulnerabilities at a time in this large and aging code-base that these days rarely sees new feature work. Today another disclosure was made by the folks at the Trend Micro Zero Day Initiative.

CVE-2023-1393 is a use-after-free vulnerability. It can lead to local privilege escalation where the xorg-server still runs as root, and to remote code execution for SSH X forwarding sessions, since there the X client driving the server is remote.

If a client explicitly destroys the compositor overlay window, the X.Org Server leaves a dangling pointer to that window in its per-screen compositing state and will trigger a use-after-free when that pointer is later dereferenced.
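The bug class is easier to see in a toy model than in the server itself. The following is an added illustration, not xorg-server code: a per-screen structure keeps a back-pointer to the lazily created overlay window, a generic destroy path forgets to clear that back-pointer (the vulnerable shape), and the fixed path clears it. A small pool with a `live` flag stands in for the heap so the scenario is fully defined C rather than a real crash; the names `Screen`, `Window`, `screen_get_overlay` and the window ids are assumptions made for this example only.

```c
#include <stdio.h>
#include <string.h>

/* Toy model of the compositor's per-screen bookkeeping (not xorg-server code). */
#define MAX_WINDOWS 8
#define OVERLAY_ID  0x1000u   /* assumed id for the overlay window */
#define CLIENT_ID   0x2000u   /* assumed id for a later client window */

typedef struct {
    unsigned id;
    int live;    /* 1 while "allocated", 0 after destroy: models heap liveness */
    int mapped;
} Window;

typedef struct {
    Window pool[MAX_WINDOWS];
    Window *overlay;   /* back-pointer to the compositor overlay window, or NULL */
} Screen;

static void screen_init(Screen *s) { memset(s, 0, sizeof *s); }

/* First-fit allocation: a freed slot is reused by the next create, just as a
 * heap allocator would hand a freed chunk to the next request of that size. */
static Window *window_create(Screen *s, unsigned id) {
    for (int i = 0; i < MAX_WINDOWS; i++) {
        if (!s->pool[i].live) {
            s->pool[i].id = id;
            s->pool[i].live = 1;
            s->pool[i].mapped = 0;
            return &s->pool[i];
        }
    }
    return NULL;
}

/* Lazily creates the overlay window, the way a GetOverlayWindow request would. */
static Window *screen_get_overlay(Screen *s) {
    if (!s->overlay)
        s->overlay = window_create(s, OVERLAY_ID);
    return s->overlay;
}

/* Vulnerable shape: the window is released, but the screen still points at it. */
static void window_destroy_vulnerable(Screen *s, Window *w) {
    (void)s;
    w->live = 0;
    w->mapped = 0;
}

/* Fixed shape: clear the back-pointer if the window being destroyed is the overlay. */
static void window_destroy_fixed(Screen *s, Window *w) {
    if (s->overlay == w)
        s->overlay = NULL;
    w->live = 0;
    w->mapped = 0;
}

/* A later code path that touches the overlay.
 * Returns 0 when there is no overlay, 1 when it updated a live window,
 * and -1 when it would have dereferenced a destroyed window (the UAF). */
static int screen_update_overlay(Screen *s) {
    if (!s->overlay)
        return 0;
    if (!s->overlay->live)
        return -1;
    s->overlay->mapped = 1;
    return 1;
}

/* Scenario: a client obtains the overlay, explicitly destroys it, optionally
 * creates another window (which lands in the freed slot), and the server then
 * updates "the overlay". Returns -2 when the update acted on the client's
 * window instead of the overlay, the condition an attacker would aim for. */
static int run_scenario(void (*destroy)(Screen *, Window *), int reuse_slot) {
    Screen s;
    screen_init(&s);
    Window *cow = screen_get_overlay(&s);
    destroy(&s, cow);
    if (reuse_slot)
        window_create(&s, CLIENT_ID);
    int rc = screen_update_overlay(&s);
    if (rc == 1 && s.overlay->id != OVERLAY_ID)
        return -2;
    return rc;
}

int main(void) {
    printf("vulnerable, no reuse : %d\n", run_scenario(window_destroy_vulnerable, 0));
    printf("vulnerable, reuse    : %d\n", run_scenario(window_destroy_vulnerable, 1));
    printf("fixed, no reuse      : %d\n", run_scenario(window_destroy_fixed, 0));
    printf("fixed, reuse         : %d\n", run_scenario(window_destroy_fixed, 1));
    return 0;
}
```

The two outcomes of the vulnerable path are the two faces of a use-after-free: with nothing else allocated the stale pointer refers to dead memory, and once the client's next allocation reuses the slot the server silently operates on an object the client controls. The fix is a back-pointer check in the destroy path, which is why a two-line change suffices; the broader lesson for any reviewer is that every cached pointer to a client-destroyable object needs an owner that clears it on destruction.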

The disclosure was made a few minutes ago on the mailing list.

The two-line fix has been committed to the X.Org Server Git codebase and will be incorporated into the next xorg-server release. Fortunately, on many Linux systems the X.Org Server has been able to run without root privileges for several years now, which limits the bug to a crash or a same-user compromise there; some setups still run it as root, particularly on some non-Linux X.Org Server environments, and those remain exposed to the privilege escalation.
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.
