CVE-2018-14665

Опубликовано: 25 окт. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.2

CVSS3: 6.6

Описание

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

Релиз	Статус	Примечание
bionic	not-affected	code not present
cosmic	not-affected	code not present
devel	not-affected	code not present
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/bionic	not-affected	code not present
esm-infra/xenial	not-affected	code not present
precise/esm	DNE
trusty	not-affected	code not present
trusty/esm	DNE	trusty was not-affected [code not present]
upstream	not-affected

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	code not present
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	not-affected
xenial	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
bionic	released	2:1.19.6-1ubuntu4.2
cosmic	released	2:1.20.1-3ubuntu2.1
devel	released	2:1.20.1-3ubuntu2.1
esm-infra-legacy/trusty	not-affected	2:1.15.1-0ubuntu2.11
esm-infra/bionic	released	2:1.19.6-1ubuntu4.2
esm-infra/xenial	not-affected	2:1.18.4-0ubuntu0.8
precise/esm	DNE
trusty	not-affected	2:1.15.1-0ubuntu2.11
trusty/esm	not-affected	2:1.15.1-0ubuntu2.11
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	released	2:1.19.6-1ubuntu4.1~16.04.2
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	needs-triage
xenial	released	2:1.19.6-1ubuntu4.1~16.04.2

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of life]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of life]
upstream	needs-triage
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [2:1.18.3-1ubuntu2.3~trusty4]]
precise/esm	DNE
trusty	not-affected	2:1.18.3-1ubuntu2.3~trusty4
trusty/esm	DNE	trusty was not-affected [2:1.18.3-1ubuntu2.3~trusty4]
upstream	needs-triage
xenial	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%

0.04059

Низкий

7.2 High

CVSS2

6.6 Medium

CVSS3

Связанные уязвимости

CVE-2018-14665

CVSS3: 6.6

redhat

около 7 лет назад

CVE-2018-14665

CVSS3: 6.6

nvd

около 7 лет назад

CVE-2018-14665

CVSS3: 6.6

debian

около 7 лет назад

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permis ...

openSUSE-SU-2018:3800-1

suse-cvrf

почти 7 лет назад

Security update for xorg-x11-server

SUSE-SU-2018:3680-1

suse-cvrf

около 7 лет назад

Security update for xorg-x11-server

EPSS

Процентиль: 88%

0.04059

Низкий

7.2 High

CVSS2

6.6 Medium

CVSS3

CVE-2018-14665

Описание

Пакет xorg

Пакет xorg-hwe-16.04

Пакет xorg-server

Пакет xorg-server-hwe-16.04

Пакет xorg-server-lts-utopic

Пакет xorg-server-lts-vivid

Пакет xorg-server-lts-wily

Пакет xorg-server-lts-xenial

Ссылки на источники

Связанные уязвимости