Description
In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input lock.
References (4)
Core 4
Core References
Issue Tracking
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=1081338;filename=dix-Hold-input-lock-for-AttachDevice.patch;msg=5
Issue Tracking
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081338
Issue Tracking
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1260
Scores
CVSS v3
7.7
EPSS
0.0027
EPSS Percentile
18.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-413
Status
published
Products (1)
X.org/X server
20.11 - 21.1.16
Published
Mar 16, 2025
Tracked Since
Feb 18, 2026