Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Ubuntu Security Notice USN-6721-1[6]
- Authored by Ubuntu[7] | Site security.ubuntu.com[8]
-
Ubuntu Security Notice 6721-1 - It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information.
- systems | linux[9], ubuntu[10]
- advisories | CVE-2024-31080[11], CVE-2024-31083[12]
- SHA-256 |
4882781902435137ae8b1fd009b4c4df6d61f4ae936be03a8ca2819d4d11c896
- Download[13] | Favorite[14] | View[15]
Change Mirror[16] Download[17]
==========================================================================
Ubuntu Security Notice USN-6721-1
April 04, 2024
xorg-server, xwayland vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in X.Org X Server, xwayland.
Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
Details:
It was discovered that X.Org X Server incorrectly handled certain data.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2024-31080, CVE-2024-31081, CVE-2024-31082)
It was discovered that X.Org X Server incorrectly handled certain glyphs.
An attacker could possibly use this issue to cause a crash or expose sensitive
information. (CVE-2024-31083)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
xserver-xorg-core 2:21.1.7-3ubuntu2.8
xwayland 2:23.2.0-1ubuntu0.5
Ubuntu 22.04 LTS:
xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.9
xwayland 2:22.1.1-1ubuntu0.12
Ubuntu 20.04 LTS:
xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.16
xwayland 2:1.20.13-1ubuntu1~20.04.16
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.19.6-1ubuntu4.15+esm7
xwayland 2:1.19.6-1ubuntu4.15+esm7
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm12
xwayland 2:1.18.4-0ubuntu0.12+esm12
Ubuntu 14.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.15.1-0ubuntu2.11+esm11
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6721-1
CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.7-3ubuntu2.8
https://launchpad.net/ubuntu/+source/xwayland/2:23.2.0-1ubuntu0.5
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.9
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.12
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.16
File Tags
- ActiveX[23] (933)
- Advisory[24] (84,711)
- Arbitrary[25] (16,642)
- BBS[26] (2,859)
- Bypass[27] (1,826)
- CGI[28] (1,032)
- Code Execution[29] (7,629)
- Conference[30] (689)
- Cracker[31] (844)
- CSRF[32] (3,373)
- DoS[33] (24,514)
- Encryption[34] (2,383)
- Exploit[35] (52,774)
- File Inclusion[36] (4,251)
- File Upload[37] (984)
- Firewall[38] (822)
- Info Disclosure[39] (2,845)
- Intrusion Detection[40] (906)
- Java[41] (3,118)
- JavaScript[42] (889)
- Kernel[43] (6,999)
- Local[44] (14,706)
- Magazine[45] (586)
- Overflow[46] (13,033)
- Perl[47] (1,430)
- PHP[48] (5,194)
- Proof of Concept[49] (2,367)
- Protocol[50] (3,695)
- Python[51] (1,599)
- Remote[52] (31,388)
- Root[53] (3,617)
- Rootkit[54] (522)
- Ruby[55] (619)
- Scanner[56] (1,650)
- Security Tool[57] (7,975)
- Shell[58] (3,247)
- Shellcode[59] (1,217)
- Sniffer[60] (900)
- Spoof[61] (2,258)
- SQL Injection[62] (16,525)
- TCP[63] (2,423)
- Trojan[64] (688)
- UDP[65] (897)
- Virus[66] (668)
- Vulnerability[67] (32,562)
- Web[68] (9,864)
- Whitepaper[69] (3,773)
- x86[70] (967)
- XSS[71] (18,165)
- Other[72]
File Archives
- April 2024[73]
- March 2024[74]
- February 2024[75]
- January 2024[76]
- December 2023[77]
- November 2023[78]
- October 2023[79]
- September 2023[80]
- August 2023[81]
- July 2023[82]
- June 2023[83]
- May 2023[84]
- Older[85]
Systems
- AIX[86] (429)
- Apple[87] (2,078)
- BSD[88] (376)
- CentOS[89] (58)
- Cisco[90] (1,927)
- Debian[91] (7,003)
- Fedora[92] (1,693)
- FreeBSD[93] (1,246)
- Gentoo[94] (4,467)
- HPUX[95] (880)
- iOS[96] (373)
- iPhone[97] (108)
- IRIX[98] (220)
- Juniper[99] (69)
- Linux[100] (49,111)
- Mac OS X[101] (691)
- Mandriva[102] (3,105)
- NetBSD[103] (256)
- OpenBSD[104] (488)
- RedHat[105] (15,424)
- Slackware[106] (941)
- Solaris[107] (1,611)
- SUSE[108] (1,444)
- Ubuntu[109] (9,413)
- UNIX[110] (9,385)
- UnixWare[111] (187)
- Windows[112] (6,645)
- Other[113]
- Services
- Security Services[124]
- Hosting By
- Rokasec[125]
Read more https://packetstormsecurity.com/files/177965/USN-6721-1.txt