0
X.org vulnerability and releases
source link: https://lwn.net/Articles/927887/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
X.org vulnerability and releases [LWN.net]
User:
Password: |
|
X.org vulnerability and releases
[Posted March 30, 2023 by jake]
The X.Org project has announced a vulnerability in its X server and Xwayland (CVE-2023-1393).
(Log in to post comments)
This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.[...] If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
That has led to the release of xorg-server 21.1.8, xwayland 22.1.9, and xwayland 23.1.1.
(Log in to post comments)
Copyright © 2023, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK