ZDI-26-397: X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability

A critical use-after-free vulnerability has been identified in the X.Org Server, potentially leading to sensitive information disclosure and privilege escalation. The vulnerability, tracked as ZDI-26-397, resides in the server's management of ScreenSaverScreenPrivateRec objects. It arises from an insufficient validation process, where the server performs operations on an object without first confirming its existence. This oversight can be exploited by an attacker who has already gained low-privileged execution on the target system. By chaining this vulnerability with other exploits, an attacker could achieve arbitrary code execution with root privileges. The X.Org project has released a patch to rectify this security flaw. Further technical details regarding the fix can be found in the project's commit history.





