Project

General

Profile

Bug #9596

xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)

Added by Alicha CH 7 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
-
Start date:
10/29/2018
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when
starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their
privileges and run arbitrary code under root privileges.

Fixed In Version:

xorg-server 1.20.3

References:

https://nvd.nist.gov/vuln/detail/CVE-2018-14665
https://marc.info/?l=oss-security&m=154047832307726&w=2

Patch:

Introduced by: https://gitlab.freedesktop.org/xorg/xserver/commit/032b1d79b7d04d47814a5b3a9fdd162249fea74c (1.19.0)
Fixed by: https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e


Subtasks

Bug #9597: [3.9] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)ClosedNatanael Copa

Bug #9598: [3.8] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)ClosedNatanael Copa

Bug #9599: [3.7] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)ClosedNatanael Copa

Bug #9600: [3.6] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)ClosedNatanael Copa


Related issues

Copied to Alpine Linux - Bug #9597: [3.9] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)Closed10/29/2018

History

#1 Updated by Alicha CH 7 months ago

  • Copied to Bug #9597: [3.9] xorg-server: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665) added

#2 Updated by Alicha CH 7 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed
  • Security IDs deleted (CVE-2018-14665)

Also available in: Atom PDF