Описание
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:1.19.6-1ubuntu4.13 |
| devel | released | 2:21.1.5-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2:1.15.1-0ubuntu2.11+esm7 |
| esm-infra/bionic | not-affected | 2:1.19.6-1ubuntu4.13 |
| esm-infra/focal | not-affected | 2:1.20.13-1ubuntu1~20.04.5 |
| esm-infra/xenial | released | 2:1.18.4-0ubuntu0.12+esm5 |
| focal | released | 2:1.20.13-1ubuntu1~20.04.5 |
| jammy | released | 2:21.1.3-2ubuntu2.5 |
| kinetic | released | 2:21.1.4-2ubuntu1.3 |
| lunar | released | 2:21.1.5-1ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | released | 2:1.19.6-1ubuntu4.1~16.04.6+esm4 |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | DNE | |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:1.20.8-2ubuntu2.2~18.04.9 |
| esm-infra/bionic | not-affected | 2:1.20.8-2ubuntu2.2~18.04.9 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | DNE | |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | released | 2:22.1.6-1 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | released | 2:22.1.1-1ubuntu0.4 |
| kinetic | released | 2:22.1.3-2ubuntu0.2 |
| lunar | released | 2:22.1.6-1 |
| trusty | DNE | |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
EPSS
8.8 High
CVSS3
Связанные уязвимости
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This security flaw occurs because ...
A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
Уязвимость функции ScreenSaverSetAttributes реализации сервера X Window System X.Org Server, реализации протокола Wayland для X.Org XWayland, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
8.8 High
CVSS3