Ubuntu 5986-1: X.Org X Server vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-5986-1
March 29, 2023

xorg-server, xorg-server-hwe-18.04, xwayland vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

X.Org X Server could be made to crash or run programs as the administrator
if it received specially crafted input.

Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
- xorg-server-hwe-18.04: X.Org X11 server

Details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could possibly use these issues to
cause the X Server to crash, execute arbitrary code, or escalate
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   xserver-xorg-core               2:21.1.4-2ubuntu1.7
   xwayland                        2:22.1.3-2ubuntu0.4

Ubuntu 22.04 LTS:
   xserver-xorg-core               2:21.1.3-2ubuntu2.9
   xwayland                        2:22.1.1-1ubuntu0.6

Ubuntu 20.04 LTS:
   xserver-xorg-core               2:1.20.13-1ubuntu1~20.04.8
   xwayland                        2:1.20.13-1ubuntu1~20.04.8

Ubuntu 18.04 LTS:
   xserver-xorg-core               2:1.19.6-1ubuntu4.15
   xserver-xorg-core-hwe-18.04     2:1.20.8-2ubuntu2.2~18.04.11
   xwayland                        2:1.19.6-1ubuntu4.15
   xwayland-hwe-18.04              2:1.20.8-2ubuntu2.2~18.04.11

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5986-1
   CVE-2023-1393

Package Information:
   https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7
   https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.4
   https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.9
   https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.6
   https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.8
   https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.15
 
https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.11

Ubuntu 5986-1: X.Org X Server vulnerability

March 29, 2023
X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input. Software Description: - xorg-server: X.Org X11 server - xwayland: X server for running X clients under Wayland - xorg-server-hwe-18.04: X.Org X11 server Details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: xserver-xorg-core 2:21.1.4-2ubuntu1.7 xwayland 2:22.1.3-2ubuntu0.4 Ubuntu 22.04 LTS: xserver-xorg-core 2:21.1.3-2ubuntu2.9 xwayland 2:22.1.1-1ubuntu0.6 Ubuntu 20.04 LTS: xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.8 xwayland 2:1.20.13-1ubuntu1~20.04.8 Ubuntu 18.04 LTS: xserver-xorg-core 2:1.19.6-1ubuntu4.15 xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11 xwayland 2:1.19.6-1ubuntu4.15 xwayland-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5986-1

CVE-2023-1393

Severity
Ubuntu Security Notice USN-5986-1

Package Information

https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7 https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.4 https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.9 https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.6 https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.8 https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.15 https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.11

Related News

Remotely Exploitable Open vSwitch DoS Vuln Fixed

PHP Vuln Threatens Confidentiality of Impacted Systems

Following exFAT Improvements Last Year, Microsoft Is Adding XFS Root File System to Mariner

Trend Micro Uncovers Yet Another X.Org Server Vulnerability: CVE-2023-1393

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo