Ubuntu 5846-1: X.Org X Server vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5846-1
February 07, 2023

xorg-server, xorg-server-hwe-18.04, xwayland vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

X.Org X Server could be made to crash or run programs as the administrator
if it received specially crafted input.

Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
- xorg-server-hwe-18.04: X.Org X11 server

Details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could possibly use these issues to
cause the X Server to crash, execute arbitrary code, or escalate
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   xserver-xorg-core               2:21.1.4-2ubuntu1.5
   xwayland                        2:22.1.3-2ubuntu0.3

Ubuntu 22.04 LTS:
   xserver-xorg-core               2:21.1.3-2ubuntu2.7
   xwayland                        2:22.1.1-1ubuntu0.5

Ubuntu 20.04 LTS:
   xserver-xorg-core               2:1.20.13-1ubuntu1~20.04.6
   xwayland                        2:1.20.13-1ubuntu1~20.04.6

Ubuntu 18.04 LTS:
   xserver-xorg-core               2:1.19.6-1ubuntu4.14
   xserver-xorg-core-hwe-18.04     2:1.20.8-2ubuntu2.2~18.04.10
   xwayland                        2:1.19.6-1ubuntu4.14
   xwayland-hwe-18.04              2:1.20.8-2ubuntu2.2~18.04.10

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5846-1
   CVE-2023-0494

Package Information:
   https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.5
   https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.3
   https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.7
   https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.5
   https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.6
   https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.14
 
https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.10

Ubuntu 5846-1: X.Org X Server vulnerability

February 7, 2023
X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input. Software Description: - xorg-server: X.Org X11 server - xwayland: X server for running X clients under Wayland - xorg-server-hwe-18.04: X.Org X11 server Details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: xserver-xorg-core 2:21.1.4-2ubuntu1.5 xwayland 2:22.1.3-2ubuntu0.3 Ubuntu 22.04 LTS: xserver-xorg-core 2:21.1.3-2ubuntu2.7 xwayland 2:22.1.1-1ubuntu0.5 Ubuntu 20.04 LTS: xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.6 xwayland 2:1.20.13-1ubuntu1~20.04.6 Ubuntu 18.04 LTS: xserver-xorg-core 2:1.19.6-1ubuntu4.14 xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.10 xwayland 2:1.19.6-1ubuntu4.14 xwayland-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.10 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5846-1

CVE-2023-0494

Severity
Ubuntu Security Notice USN-5846-1

Package Information

https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.5 https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.3 https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.7 https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.5 https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.6 https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.14 https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.10

Related News

5 Best free to use Linux Server distributions for 2023

Use Cockpit for Linux Remote Server Administration

X.Org Server Hit By New Local Privilege Escalation Vulnerability

10 Essential Linux Tools for Network and Security Pros

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy