Описание
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
Отчет
As per upstream, exploiting this flaw is non-trivial and it requires exact timing on the behalf of the attacker. Many graphical applications exit if their connection to the X server is lost, so a typical desktop session is either impossible or difficult to exploit. There is currently no upstream patch available for this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | xorg-x11-server | Out of support scope | ||
| Red Hat Enterprise Linux 7 | xorg-x11-server | Out of support scope | ||
| Red Hat Enterprise Linux 8 | xorg-x11-server | Will not fix | ||
| Red Hat Enterprise Linux 9 | xorg-x11-server | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
A privilege escalation flaw was found in the Xorg-x11-server due to a ...
EPSS
7 High
CVSS3