TTCSIRT-176.102918: TT-CSIRT Advisory – Linux Security Updates
It has been discovered that several Linux Operating Systems including Red Hat, CentOS, Debian, Ubuntu and OpenBSD can be affected by a serious X.Org vulnerability.
This issue is caused by an incorrect command-line parameter validation in the X.org X server which can lead to privilege elevation and/or arbitrary files overwrite especially when the X server is running with elevated privileges (ie when X.org is installed with the setuid bit set and started by a non-root user).
Further information on this vulnerability and how it can be mitigated can be found on the X.Org Website at https://lists.x.org/archives/xorg-announce/2018-October/002927.html |