Headline
Debian Security Advisory 5657-1
Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Debian Security Advisory DSA-5657-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
April 12, 2024 https://www.debian.org/security/faq
Package : xorg-server
CVE ID : CVE-2024-31080 CVE-2024-31081 CVE-2024-31083
Several vulnerabilities were discovered in the Xorg X server, which may
result in privilege escalation if the X server is running privileged
or denial of service.
For the oldstable distribution (bullseye), these problems have been fixed
in version 2:1.20.11-1+deb11u13.
For the stable distribution (bookworm), these problems have been fixed in
version 2:21.1.7-3+deb12u7.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYZmfJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Qz4w//cyMczPAsPfqta3Jcw9cclEKJ2EC6p7c1SWm3c16rHyL+pOfcFsNuUrCR
H+JPZ8x2qSk5MSJ1AFC4WUJptZup9WlTIfdSNtPJ/T+uweDpEbMGp0dl2DNu5AIP
riPtam1aVHUsOr7rT4EzBcRK6hZSltgKZjBeu5vdZLDpexOrGTBx6KmjB62+G21P
3/pog2OVvGi3x6PBsQizEQRW4RP8UsfLEt2EaCxgZKlR+4lfbaSyrKFXolSSbtUR
lRur+6dy4569c2Ja844W1MFAtXPre6iFLzhwQNuagwTo4V8OqPAi1vjIpjg/vE2S
s9icZpqJMnFuAEvqoUQ9h5hByZtvGYOxoj8xbT5HCwIzro3K2+eEUpPCBZDqfdxh
46a7cShJSPzPSgMaZDhi3+BnmmK5GN/cuaUD9YMm2o5JkRxrRjOyo0P/1yvLAV4/
66XCXbWFUkLNVAi2Z+VI8vJ+cndQ5x1sSxv8HbNTpDSYeazoUFcvfwvFyok+HQYt
OUu22K/TR7ejYGCWXEg/WOqQxgPk63IB2JvuyGRkshis5gKtOstUjPIpvsGpevq+
dMuvY63hnZkJYhqTV9nD0YUg7+H6GznxRcOG/YQmzmpu9htpaotmwCucRi2tAS6A
v4Vd90kzBGPcatElBnPkulj9piI+nFaQT40y5ekG8bXVdCYgDQM=
=Hr75
-----END PGP SIGNATURE-----
Related news
Red Hat Security Advisory 2024-9093-03 - An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2024-3343-03 - An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2024-2616-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-2042-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Red Hat Security Advisory 2024-2041-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Security Advisory 2024-2040-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Security Advisory 2024-2039-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Security Advisory 2024-2038-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Security Advisory 2024-2037-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.
Red Hat Security Advisory 2024-2036-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Security Advisory 2024-1785-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.
Red Hat Security Advisory 2024-1785-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.
Red Hat Security Advisory 2024-1785-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.
Ubuntu Security Notice 6721-2 - USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information.
Ubuntu Security Notice 6721-2 - USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information.
Ubuntu Security Notice 6721-2 - USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete resulting in a regression. This update fixes the problem. It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information.
Ubuntu Security Notice 6721-1 - It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information.
Ubuntu Security Notice 6721-1 - It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information.
Ubuntu Security Notice 6721-1 - It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information.