Vulnerability in libinput leading to code execution when a malicious device is connected

A vulnerability (CVE-2022-1215) has been fixed in the libinput library (version 1.20.1), which provides a unified input stack so that Wayland and X.Org-based environments can share the same facilities for handling events from input devices. The vulnerability allows code execution when a specially modified or emulated input device is connected to the system. The problem manifests itself in environments based on both X.Org and Wayland, and can be exploited both by connecting devices locally and by manipulating Bluetooth devices. If the X server is running as root, the vulnerability allows code to be executed with elevated privileges.

The problem is caused by a string formatting error in the code responsible for writing device connection information to the log. Specifically, the evdev_log_msg function used an snprintf call to build a modified version of the log entry's original format string, prepending the device name to it. The modified string was then passed to the log_msg_va function, which in turn used printf-family formatting. As a result, the format string that printf parses for formatting directives contained unchecked external data, and an attacker could corrupt the stack by arranging for the device to report a name containing format directives (for example, "Evil %s").
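The following C snippet is an added illustration and is not libinput's code: it models the pattern described above (an untrusted device name spliced into the format string before it reaches a printf-family call) next to two defensive alternatives, and uses a constructed device name. The function names, the fixed "name - message" layout and the static buffers are assumptions made for the example; the vulnerable variant only builds the format string and never executes it.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_BUF 256

/* Vulnerable pattern (modelled on the bug described above): the untrusted
 * device name is spliced into the FORMAT string itself, so any '%'
 * sequences in the name become live directives for the printf family.
 * This returns the resulting format string instead of executing it. */
const char *prefixed_format_unsafe(const char *devname, const char *format)
{
    static char fmt[LOG_BUF];
    snprintf(fmt, sizeof fmt, "%s - %s", devname, format);
    return fmt;
}

/* Audit helper: does an untrusted string contain anything printf would
 * interpret as a directive? Any '%' is enough to be suspicious. */
int has_format_directive(const char *s)
{
    return strchr(s, '%') != NULL;
}

/* Mitigation A: neutralise '%' in untrusted text by doubling it ("%%" is a
 * literal percent sign to printf). Returns the escaped copy in a static
 * buffer, or NULL if it would not fit. */
const char *escape_percent(const char *in)
{
    static char out[LOG_BUF];
    size_t o = 0;
    for (const char *p = in; *p; p++) {
        size_t need = (*p == '%') ? 2 : 1;
        if (o + need >= sizeof out)
            return NULL;
        out[o++] = *p;
        if (*p == '%')
            out[o++] = '%';
    }
    out[o] = '\0';
    return out;
}

/* Mitigation B (preferred): keep untrusted data out of the format entirely.
 * The caller's own format and arguments are rendered first, then the name
 * is attached through a fixed "%s" directive, so its contents are data. */
const char *log_msg_safe(const char *devname, const char *format, ...)
{
    static char line[LOG_BUF];
    char body[LOG_BUF];
    va_list ap;

    va_start(ap, format);
    vsnprintf(body, sizeof body, format, ap);
    va_end(ap);

    snprintf(line, sizeof line, "%s - %s", devname, body);
    return line;
}

int main(void)
{
    /* Constructed device name of the kind described in the article. */
    const char *evil = "Evil %s";

    printf("unsafe format would be: \"%s\"\n", prefixed_format_unsafe(evil, "opened"));
    printf("directive present: %d\n", has_format_directive(evil));
    printf("escaped name: \"%s\"\n", escape_percent(evil));
    printf("safe line: \"%s\"\n", log_msg_safe(evil, "fd=%d opened", 7));
    return 0;
}
```

The unsafe variant shows why the bug is exploitable: the `%s` reported by the device survives into the format that the logger will eventually hand to vprintf, where it consumes an argument the caller never supplied. Mitigation B is the one to prefer in new code because it makes the question of which bytes the device sent irrelevant; the escaping helper is useful where a prefix must, for legacy reasons, stay inside a format string, and `has_format_directive` is the kind of check a test or fuzzing harness can apply to device-reported strings.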

Source: opennet.ru
