Description
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Report
Xorg server does not run with root privileges in Red Hat Enterprise Linux 8 and 9, therefore Red Hat Enterprise Linux 8 and 9 have been rated with Moderate severity.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | tigervnc | Out of support scope | | |
Red Hat Enterprise Linux 6 | xorg-x11-server | Out of support scope | | |
Red Hat Enterprise Linux 7 | tigervnc | Fixed | RHSA-2023:0675 | 08.02.2023 |
Red Hat Enterprise Linux 7 | xorg-x11-server | Fixed | RHSA-2023:0675 | 08.02.2023 |
Red Hat Enterprise Linux 8 | tigervnc | Fixed | RHSA-2023:0662 | 08.02.2023 |
Red Hat Enterprise Linux 8 | xorg-x11-server-Xwayland | Fixed | RHSA-2023:2805 | 16.05.2023 |
Red Hat Enterprise Linux 8 | xorg-x11-server | Fixed | RHSA-2023:2806 | 16.05.2023 |
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | tigervnc | Fixed | RHSA-2023:0665 | 08.02.2023 |
Red Hat Enterprise Linux 8.2 Advanced Update Support | tigervnc | Fixed | RHSA-2023:0671 | 08.02.2023 |
Red Hat Enterprise Linux 8.2 Telecommunications Update Service | tigervnc | Fixed | RHSA-2023:0671 | 08.02.2023 |
Additional information
Status:
EPSS
7.8 High
CVSS3