From https://lists.x.org/archives/xorg-announce/2023-October/003430.html: 3) CVE-2023-5574: Use-after-free bug in DamageDestroy Introduced in: xorg-server-1.13.0 (2012) Found by: Sri working with Trend Micro Zero Day Initiative Merge request tracking the fixes: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1189 This issue only affects Xvfb and requires a legacy multi-screen setup with multiple protocol screens ("Zaphod"). Screen cleanup is handled via stackable "modules", but the fb module hardcoded the cleanup path for the screen pixmap instead of calling into the next layer of the stack. This caused a minor memory leak that was fixed with a patch to Xvfb introduced in server 1.13. However, that patch did not remove all references to the freed pixmap, causing a use-after-free during screen cleanup in a lower module. This issue has not yet been fixed, please see the above merge request to track future fixes to this issue.
