GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sat May 01, 2021 1:26 am Post subject: [ GLSA 202104-02 ] X.Org X Server |
 |
|
Gentoo Linux Security Advisory
Title: X.Org X Server: Privilege escalation (GLSA 202104-02)
Severity: high
Exploitable: local, remote
Date: 2021-04-30
Bug(s): #782679
ID: 202104-02
Synopsis
A vulnerability in X.Org X Server may allow users to escalate
privileges.
Background
The X Window System is a graphical windowing system based on a
client/server model.
Affected Packages
Package: x11-base/xorg-server
Vulnerable: < 1.20.11
Unaffected: >= 1.20.11
Architectures: All supported architectures
Description
It was discovered that X.Org X Server did not sufficiently check the
length of the XInput extension’s ChangeFeedbackControl request.
Impact
An authorized attacker could possibly escalate privileges, or cause a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All X.Org X Server users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.20.11"
|
References
CVE-2021-3472 |
|
News & Announcements
