Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

TTCSIRT-176.102918: TT-CSIRT Advisory – Linux Security Updates

29th October 2018

It has been discovered that several Linux Operating Systems including Red Hat, CentOS, Debian, Ubuntu and OpenBSD can be affected by a serious X.Org vulnerability.

This issue is caused by an incorrect command-line parameter validation in the X.org X server which can lead to privilege elevation and/or arbitrary files overwrite especially when the X server is running with elevated privileges (ie when X.org is installed with the setuid bit set and started by a non-root user).

Further information on this vulnerability and how it can be mitigated can be found on the X.Org Website at https://lists.x.org/archives/xorg-announce/2018-October/002927.html