-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmciEB4ACgkQZWnYVadE
vpM0xQ//QZodxT1iIt8sx58lWxqcemoJtgXERfvb6jvks2eFDpgOo/CrnDt9NAI8
4MkgfG0AkJ2ueBPxN6q6AR33JXKEoFKne90S4+GHkYmPUDbLbVGHIM7QKpRDZWlu
ijhaPst2RAkaCo/RLBKo/UjQ42aaRPOCUFOX4sivH7kNXWyGOzjKgEXkaTf+I32S
g9/OrztOta2SOqVZ5+ShBnLO0zph9lGufTbcs7UYf6UXljq5Bp4Ns8aBRSkiuQ+r
zEqlNIkWsLyodw9XOBShTCE25IpStVM+6VEKiYcH9JoIhimsxSxynCYVLrpvRemv
TOBUEz19rLmDYWFmcNT88GlXWnVYgcvlRUPeofhL/V/ErChBSE6xbfDnxW2ffpe+
pju8m+KK1b0+YXf/fZY3XF67YXEnNn7SwbEmn0Q2h68llNPIGpY5ZsthutMZlRCe
sUhS4olgO/ZoDjTJHQj/jhguxCTZKYbeq8RcjyYuWXacDLRUFsAQN1Kj8VekUEZl
3c3ROIz3vgxv59noIAy1uMMynH+sOXKax7dj+X0Xrpbm/k2KtGzCrtxZbO94hVkH
Ifi53sulTuk7jYwIM9qmaQtNxujqLHM0X10Lkt/Ksy7Dyp5M1ZzM6vlajU+y3iVk
ev6LxEvw7RLCTZYKVZF/DZnWZnpxsWPwcwwkZIn9ULXBZr092Q4=
=yvVJ
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7085-1
October 30, 2024
xorg-server, xwayland vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
X.Org X Server could be made to crash or run programs if it received
specially crafted data.
Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
Details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations in the X Keyboard Extension. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
xserver-xorg-core 2:21.1.13-2ubuntu1.1
xwayland 2:24.1.2-1ubuntu0.1
Ubuntu 24.04 LTS
xserver-xorg-core 2:21.1.12-1ubuntu1.1
xwayland 2:23.2.6-1ubuntu0.1
Ubuntu 22.04 LTS
xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.12
xwayland 2:22.1.1-1ubuntu0.14
Ubuntu 20.04 LTS
xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.18
xwayland 2:1.20.13-1ubuntu1~20.04.18
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7085-1
CVE-2024-9632
Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.13-2ubuntu1.1
https://launchpad.net/ubuntu/+source/xwayland/2:24.1.2-1ubuntu0.1
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.12-1ubuntu1.1
https://launchpad.net/ubuntu/+source/xwayland/2:23.2.6-1ubuntu0.1
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.12
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.14
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.18
No comments:
Post a Comment