ALT-PU-2023-1535-1
Package xorg-server updated to version 21.1.8-alt1 for branch sisyphus in task 317710.
Closed vulnerabilities
Published: 2023-03-29
BDU:2023-02146
Уязвимость программного пакета X.Org Server, связанная с использованием памяти после ее освобождения, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-03-31
Modified: 2025-02-14
Modified: 2025-02-14
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110
- FEDORA-2023-b7835960ac
- FEDORA-2023-b7835960ac
- FEDORA-2023-eb3c27ff25
- FEDORA-2023-eb3c27ff25
- FEDORA-2023-66d5af0278
- FEDORA-2023-66d5af0278
- FEDORA-2023-fe18ae3e85
- FEDORA-2023-fe18ae3e85
- FEDORA-2023-239bae4b57
- FEDORA-2023-239bae4b57
- FEDORA-2023-f754e7abfd
- FEDORA-2023-f754e7abfd
- FEDORA-2023-b87fd3a628
- FEDORA-2023-b87fd3a628
- FEDORA-2023-6f3f9ee721
- FEDORA-2023-6f3f9ee721
- GLSA-202305-30
- GLSA-202305-30
- https://www.openwall.com/lists/oss-security/2023/03/29/1
- https://www.openwall.com/lists/oss-security/2023/03/29/1