3
A security release for xorg-server
source link: https://lwn.net/Articles/917790/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
A security release for xorg-server
[Posted December 14, 2022 by corbet]
X.org users running in potentially hostile environments will want to look
into the xorg-server 21.1.5 release, which
fixes several potentially serious security
vulnerabilities. "All theses issues can lead to local privileges
elevation on systems where the X server is running privileged and remote
code execution for ssh X forwarding sessions".
(Log in to post comments)
(Log in to post comments)
A security release for xorg-server
Posted Dec 14, 2022 15:30 UTC (Wed) by NightMonkey (subscriber, #23051) [Link]
"Additional, the swapped event is written into a stack-allocated struct
xEvent (size 32 bytes). For any GenericEvent longer than 32 bytes,
swapping the event may thus smash the stack like an avocado on toast."
xEvent (size 32 bytes). For any GenericEvent longer than 32 bytes,
swapping the event may thus smash the stack like an avocado on toast."
This set of release notes has a nice Easter egg. :)
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK