By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.
Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn’t too unlikely to happen again.
Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn’t too unlikely to happen again.
Wait till bro find out the program written in the “memory safe language” depends on many libraries written in C
Let’s re-write all currently existing software in Rust, then there will be no more security holes, and every computer will be safe forever.
The problem is a huge codebase that no one understands.
KWin is written in C++ but yes, it’s not a “safe” language.
With at least three mainstream implementations – KWin, Mutter, and wlroots – it’s highly unlikely that all would ever be equally affected by one bug.