Peter Hutterer
2023-Feb-07 01:20 UTC
X.Org Security Advisory: Security issue in the X server
X.Org Security Advisory: February 07, 2023

Security issue in the X server
=============================

This issue can lead to local privileges elevation on systems where the X
server is running privileged and remote code execution for ssh X forwarding
sessions.

* CVE-2023-0494/ZDI-CAN-19596: X.Org Server DeepCopyPointerClasses use-after-free

A dangling pointer in DeepCopyPointerClasses can be exploited by
ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read/write into
freed memory.

Patches
-------

A patch for this issue has been committed to the xorg server git repository.
xorg-server 21.1.7 will be released shortly and will include this patch.

- commit 0ba6d8c37071131a49790243cdac55392ecf71ec

    Xi: fix potential use-after-free in DeepCopyPointerClasses

    CVE-2023-0494, ZDI-CAN 19596

Thanks
=====

The vulnerabilities have been discovered by Jan-Niklas Sohn working with Trend
Micro Zero Day Initiative.