MGASA-2018-0421 - Updated x11-server packages fix security vulnerability Publication date: 27 Oct 2018 URL: https://advisories.mageia.org/MGASA-2018-0421.html Type: security Affected Mageia releases: 6 CVE: CVE-2018-14665 A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges (CVE-2018-14665). References: - https://bugs.mageia.org/show_bug.cgi?id=23757 - https://www.openwall.com/lists/oss-security/2018/10/25/1 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14665 SRPMS: - 6/core/x11-server-1.19.5-1.2.mga6
Mageia 2018-0421: x11-server security update
A flaw was found in xorg-x11-server before 1.20.3
Summary
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission
check for -modulepath and -logfile options when starting Xorg. X server
allows unprivileged users with the ability to log in to the system via
physical console to escalate their privileges and run arbitrary code under
root privileges (CVE-2018-14665).
References
- https://bugs.mageia.org/show_bug.cgi?id=23757
- https://www.openwall.com/lists/oss-security/2018/10/25/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14665
Resolution
MGASA-2018-0421 - Updated x11-server packages fix security vulnerability
SRPMS
- 6/core/x11-server-1.19.5-1.2.mga6
Severity
Publication date: 27 Oct 2018
URL: https://advisories.mageia.org/MGASA-2018-0421.html
Type: security
CVE: CVE-2018-14665
News
HOWTOs
About Us
Powered By
