Alerts This Week
Warning Icon 1 975
Alerts This Week
Warning Icon 1 975

Ubuntu 7299-4: X.Org X Server Security Advisory Updates

ubuntu
Calendar Grey March 17, 2025
Dist Ubuntu Esm H88
Critical security advisory for Ubuntu X.Org X Server addresses multiple vulnerabilities and regression issues with detail.
Several security issues were fixed in X.Org X Server.

Summary

Several security issues were fixed in X.Org X Server.

Software Description:

- xorg-server: X.Org X11 server

- xorg-server-hwe-18.04: X.Org X11 server

- xorg-server-hwe-16.04: X.Org X11 server

Details:

USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused

a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update

fix the regression and re-apply the fix for the CVE listed.

We apologize for the inconvenience.

Original advisory details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled

certain memory operations. An attacker could use these issues to cause the

X Server to crash, leading to a denial of service, or possibly execute

arbitrary code.

Topics%20covered

Topics Covered

security advisory denial of service software update arbitrary code memory issue ubuntu xorg-server

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  xserver-xorg-core               2:1.19.6-1ubuntu4.15+esm12
                                  Available with Ubuntu Pro
  xserver-xorg-core-hwe-18.04     2:1.20.8-2ubuntu2.2~18.04.11+esm4
                                  Available with Ubuntu Pro
  xwayland                        2:1.19.6-1ubuntu4.15+esm12
                                  Available with Ubuntu Pro
  xwayland-hwe-18.04              2:1.20.8-2ubuntu2.2~18.04.11+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  xserver-xorg-core               2:1.18.4-0ubuntu0.12+esm17
                                  Available with Ubuntu Pro
  xserver-xorg-core-hwe-16.04     2:1.19.6-1ubuntu4.1~16.04.6+esm9
                                  Available with Ubuntu Pro
  xwayland                        2:1.18.4-0ubuntu0.12+esm17
                                  Available with Ubuntu Pro
  xwayland-hwe-16.04              2:1.19.6-1ubuntu4.1~16.04.6+esm9
                                  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-7299-4

https://ubuntu.com/security/notices/USN-7299-3

https://ubuntu.com/security/notices/USN-7299-2

https://ubuntu.com/security/notices/USN-7299-1

CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597,

CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601,

https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2102209

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7299-4

Topics%20covered

Topics Covered

security advisory denial of service software update arbitrary code memory issue ubuntu xorg-server

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here