Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
100

SUSE: 2023:4272-1 Important: xorg-x11-server Privilege Escalation

* bsc#1216133 * bsc#1216135 * bsc#1216261 Cross-References: . # Security update for xorg-x11-server Announcement ID: SUSE-SU-2023:4272-1 Rating: important References: * bsc#1216133 * bsc#1216135 * bsc#1216261 Cross-References: * CVE-2023-5367 * CVE-2023-5380 * CVE-2023-5574 CVSS scores: * CVE-2023-5367 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5367 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5380 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5380 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5574 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5574 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2023-5574: Fixed a privilege escalation issue that could be triggered via the Damage extension protocol (bsc#1216261). * CVE-2023-5380: Fixed a memory safety issue that could be triggered when using multiple protocol screens (bsc#1216133). * CVE-2023-5367: Fixed a memory safety issue in both the XI2 and RandR protocols (bsc#1216135). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-4272=1 openSUSE-SLE-15.5-2023-4272=1 * Basesystem Module 15-SP5 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP5-2023-4272=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-4272=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-source-21.1.4-150500.7.7.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.7.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-sdk-21.1.4-150500.7.7.1 * xorg-x11-server-extra-21.1.4-150500.7.7.1 * xorg-x11-server-debugsource-21.1.4-150500.7.7.1 * xorg-x11-server-21.1.4-150500.7.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-Xvfb-21.1.4-150500.7.7.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.7.1 * xorg-x11-server-extra-21.1.4-150500.7.7.1 * xorg-x11-server-debugsource-21.1.4-150500.7.7.1 * xorg-x11-server-21.1.4-150500.7.7.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-21.1.4-150500.7.7.1 * xorg-x11-server-debugsource-21.1.4-150500.7.7.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5367.html * https://www.suse.com/security/cve/CVE-2023-5380.html * https://www.suse.com/security/cve/CVE-2023-5574.html * https://bugzilla.suse.com/show_bug.cgi?id=1216133 * https://bugzilla.suse.com/show_bug.cgi?id=1216135 * https://bugzilla.suse.com/show_bug.cgi?id=1216261 . SUSE releases a critical security patch for xorg-x11-server addressing several major vulnerabilities, enhancing overall system protection.. SUSE Security Update, Xorg X11 Server, Memory Safety, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Oct 30, 2023 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200