Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

XWayland 22.1.3 Released Due To XKB Security Vulnerabilities

Written by Michael Larabel in Wayland on 13 July 2022 at 12:00 AM EDT. 13 Comments

WAYLAND

Disclosed on Tuesday were two new X.Org Server security vulnerabilities concerning possible local privilege escalation and remote code execution. X.Org Server 21.1.4 was released with these mitigations to the XKB extension while XWayland is also vulnerable and has now been patched with XWayland 22.1.3.

While there were Phoronix readers quick to promote Wayland in light of the XKB security vulnerabilities with the X.Org Server, for those Wayland users still relying on legacy X11 clients via XWayland there is exposure. But at least the primary threat with these security vulnerabilities is to those still running the X Server process with privileged rights.

Olivier Fourdan of Red Hat released XWayland 212.1.3 that contains the XKB security fixes around out-of-bounds memory writes. There are also a few other minor fixes too with this point release.

13 Comments

Related News

Miracle-WM 0.4 Released With i3 IPC Support

XWayland Lands Support For xdg-system-bell

Wayland Color Management Protocol Might Finally Be Close To Merging

WayVNC 0.9 Released For Wayland VNC Server With New Features

Niri 0.1.10 Scrollable-Tiling Wayland Compositor Brings Many Improvements

Hyprland 0.45 Compositor Smooths Round Edges, Window Snapping For Floating Windows

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels

How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs

Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd

Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal

COSMIC Alpha 4 Released For System76's Rust-Based Desktop

GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd

KDE Starts December By Landing A Number Of New Features