Security
Headlines
HeadlinesLatestCVEs

Headline

Gentoo Linux Security Advisory 202401-30

Gentoo Linux Security Advisory 202401-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution. Versions greater than or equal to 21.1.11 are affected.

Packet Storm
#vulnerability#web#mac#linux#rce

Gentoo Linux Security Advisory GLSA 202401-30


                                       https://security.gentoo.org/  

Severity: Normal
Title: X.Org X Server, XWayland: Multiple Vulnerabilities
Date: January 31, 2024
Bugs: #916254, #919803, #922395
ID: 202401-30


Synopsis

Multiple vulnerabilities have been discovered in the Xorg Server and
XWayland, the worst of which can result in privilege escalation or
remote code execution.

Background

The X Window System is a graphical windowing system based on a
client/server model.

Affected packages

Package Vulnerable Unaffected


x11-base/xorg-server < 21.1.11 >= 21.1.11
x11-base/xwayland < 23.2.4 >= 23.2.4

Description

Multiple vulnerabilities have been discovered in X.Org X Server and
XWayland. Please review the CVE identifiers referenced below for
details.

Impact

The X server can be crashed by a malicious client, or potentially be
compromised for remote code execution in environments with X11
forwarding.

Workaround

Users can ensure no untrusted clients can access the running X
implementation.

Resolution

All X.Org X Server users should upgrade to the latest version:

emerge --sync

emerge --ask --oneshot --verbose “>=x11-base/xorg-server-21.1.11”

All XWayland users should upgrade to the latest version:

emerge --sync

emerge --ask --oneshot --verbose “>=x11-base/xwayland-23.2.4”

References

[ 1 ] CVE-2023-5367
https://nvd.nist.gov/vuln/detail/CVE-2023-5367
[ 2 ] CVE-2023-5380
https://nvd.nist.gov/vuln/detail/CVE-2023-5380
[ 3 ] CVE-2023-6377
https://nvd.nist.gov/vuln/detail/CVE-2023-6377
[ 4 ] CVE-2023-6478
https://nvd.nist.gov/vuln/detail/CVE-2023-6478
[ 5 ] CVE-2023-6816
https://nvd.nist.gov/vuln/detail/CVE-2023-6816
[ 6 ] CVE-2024-0229
https://nvd.nist.gov/vuln/detail/CVE-2024-0229
[ 7 ] CVE-2024-0408
https://nvd.nist.gov/vuln/detail/CVE-2024-0408
[ 8 ] CVE-2024-0409
https://nvd.nist.gov/vuln/detail/CVE-2024-0409
[ 9 ] CVE-2024-21885
https://nvd.nist.gov/vuln/detail/CVE-2024-21885
[ 10 ] CVE-2024-21886
https://nvd.nist.gov/vuln/detail/CVE-2024-21886

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202401-30

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users’ machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License

Copyright 2024 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Related news

Ubuntu Security Notice USN-6587-5

Ubuntu Security Notice 6587-5 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.

Ubuntu Security Notice USN-6587-4

Ubuntu Security Notice 6587-4 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Red Hat Security Advisory 2024-0629-03

Red Hat Security Advisory 2024-0629-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0626-03

Red Hat Security Advisory 2024-0626-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0617-03

Red Hat Security Advisory 2024-0617-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-6587-3

Ubuntu Security Notice 6587-3 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser co...

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Debian Security Advisory 5603-1

Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0320-03

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-2

Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6587-1

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2024-0018-03

Red Hat Security Advisory 2024-0018-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-0018-03

Red Hat Security Advisory 2024-0018-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-0017-03

Red Hat Security Advisory 2024-0017-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0017-03

Red Hat Security Advisory 2024-0017-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0016-03

Red Hat Security Advisory 2024-0016-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0016-03

Red Hat Security Advisory 2024-0016-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0014-03

Red Hat Security Advisory 2024-0014-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-0014-03

Red Hat Security Advisory 2024-0014-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-0010-03

Red Hat Security Advisory 2024-0010-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2024-0010-03

Red Hat Security Advisory 2024-0010-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2024-0010-03

Red Hat Security Advisory 2024-0010-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2024-0009-03

Red Hat Security Advisory 2024-0009-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.

Red Hat Security Advisory 2024-0009-03

Red Hat Security Advisory 2024-0009-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.

Red Hat Security Advisory 2023-7886-03

Red Hat Security Advisory 2023-7886-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2023-7886-03

Red Hat Security Advisory 2023-7886-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Ubuntu Security Notice USN-6555-2

Ubuntu Security Notice 6555-2 - USN-6555-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-6555-2

Ubuntu Security Notice 6555-2 - USN-6555-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-6555-1

Ubuntu Security Notice 6555-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.

Ubuntu Security Notice USN-6555-1

Ubuntu Security Notice 6555-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.

CVE-2023-6377: cve-details

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

CVE-2023-6478: cve-details

A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.

Red Hat Security Advisory 2023-7533-01

Red Hat Security Advisory 2023-7533-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-7526-01

Red Hat Security Advisory 2023-7526-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-7436-01

Red Hat Security Advisory 2023-7436-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-7428-01

Red Hat Security Advisory 2023-7428-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-7428-01

Red Hat Security Advisory 2023-7428-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6453-1

Ubuntu Security Notice 6453-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Sri discovered that the X.Org X Server incorrectly handled destroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-6453-1

Ubuntu Security Notice 6453-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Sri discovered that the X.Org X Server incorrectly handled destroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Debian Security Advisory 5534-1

Debian Linux Security Advisory 5534-1 - Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5534-1

Debian Linux Security Advisory 5534-1 - Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged.

CVE-2023-5380: Invalid Bug ID

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.

CVE-2023-5367: Invalid Bug ID

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution