As GNOME and other projects move away from X11, researchers discovered three critical vulnerabilities in X.Org itself.
CVE-2025-62229, CVE-2025-62230, and CVE-2025-62231 revealed use-after-free bugs and overflow vulnerabilities that dated back to X11R6 and Xorg 1.15—some over 20 years old.
These weren’t new flaws but vulnerabilities that had persisted undetected for decades.
More fundamentally, the discovery revealed architectural flaws in X11 that cannot be fixed without breaking compatibility.
X11’s graphics buffer system uses 32-bit integer handles as identifiers, allowing any application to access any graphics buffer by guessing or enumerating these handles.
This represents a fundamental security vulnerability inherent to X11’s design.
Bibliography:
- Glukhov, R. (2026, January). Wayland vs X11: 2026 comparison. Retrieved from https://www.glukhov.org/post/2026/01/wayland-vs-x11-comparison/
About The Author
