Government of the Republic of Trinidad and Tobago                                                                                                                                        


TTCSIRT-176.102918: TT-CSIRT Advisory – Linux Security Updates

29th October 2018

It has been discovered that several Linux Operating Systems including Red Hat, CentOS, Debian, Ubuntu and OpenBSD can be affected by a serious X.Org vulnerability.

This issue is caused by an incorrect command-line parameter validation in the X server which can lead to privilege elevation and/or arbitrary files overwrite especially when the X server is running with elevated privileges (ie when is installed with the setuid bit set and started by a non-root user).

Further information on this vulnerability and how it can be mitigated can be found on the X.Org Website at