Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 18.04 & 16.04: USN-7085-2 Critical: X.Org Denial of Service

ubuntu
Calendar Grey October 30, 2024
Dist Ubuntu Esm H88
A crucial notice regarding X.Org X Server security flaws impacting Ubuntu 16.04 and 18.04, accompanied by instructions for necessary updates.
X.Org X Server could be made to crash or run programs if it received specially crafted data.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: X.Org X Server could be made to crash or run programs if it received specially crafted data. Software Description: - xorg-server: X.Org X11 server - xorg-server-hwe-18.04: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server Details: USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu X.Org xcursor patch

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS xserver-xorg-core 2:1.19.6-1ubuntu4.15+esm9 Available with Ubuntu Pro xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm1 Available with Ubuntu Pro xwayland 2:1.19.6-1ubuntu4.15+esm9 Available with Ubuntu Pro xwayland-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm14 Available with Ubuntu Pro xserver-xorg-core-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm6 Available with Ubuntu Pro xwayland 2:1.18.4-0ubuntu0.12+esm14 Available with Ubuntu Pro xwayland-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm6 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7085-2

https://ubuntu.com/security/notices/USN-7085-1

CVE-2024-9632

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7085-2

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu X.Org xcursor patch

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here