ALT-PU-2024-17860-1
Package xorg-server updated to version 1.20.14-alt14.E2K.1 for branch p10_e2k.
Closed vulnerabilities
BDU:2018-01290
Уязвимость программного пакета X.Org Server, вызванная ошибками при обработке и проверке параметров командной строки, позволяющая нарушителю получить привилегии root и перезаписать произвольный файл в операционной системе
BDU:2024-09084
Уязвимость функции _XkbSetCompatMap реализации сервера X Window System X.Org Server, позволяющая нарушителю повысить свои привилегии
Modified: 2024-11-21
CVE-2018-14665
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
- http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html
- http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html
- 105741
- 1041948
- RHSA-2018:3410
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665
- https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e
- https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170
- [xorg-announce] 20181025 X.Org security advisory: October 25, 2018
- GLSA-201810-09
- USN-3802-1
- DSA-4328
- 45697
- 45742
- 45832
- 45908
- 45922
- 45938
- 46142
- https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html
- http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html
- https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html
- 46142
- 45938
- 45922
- 45908
- 45832
- 45742
- 45697
- DSA-4328
- USN-3802-1
- GLSA-201810-09
- [xorg-announce] 20181025 X.Org security advisory: October 25, 2018
- https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170
- https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665
- RHSA-2018:3410
- 1041948
- 105741
- http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html
Modified: 2024-11-21
CVE-2024-9632
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
- http://seclists.org/fulldisclosure/2024/Oct/20
- http://www.openwall.com/lists/oss-security/2024/10/29/2
- RHSA-2024:10090
- RHSA-2024:8798
- RHSA-2024:9540
- RHSA-2024:9579
- RHSA-2024:9601
- RHSA-2024:9690
- RHSA-2024:9816
- RHSA-2024:9818
- RHSA-2024:9819
- RHSA-2024:9820
- RHSA-2024:9901
- https://access.redhat.com/security/cve/CVE-2024-9632
- RHBZ#2317233
- https://lists.debian.org/debian-lts-announce/2024/10/msg00031.html