X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities

by
BeauHD
from Slashdot on (#61BJJ)
Getting things started for this "Patch Tuesday" are the disclosure of two new X.Org Server vulnerabilities. Phoronix reports: These issues affecting out-of-bounds accesses with the X.Org Server can lead to local privilege elevation on systems where the X.Org Server is running privileged and remote code execution for SSH X forwarding sessions. CVE-2022-2319 and CVE-2022-2320 were made public this morning and both deal with the X.Org Server's Xkb keyboard extension not properly validating input that could lead to out-of-bounds memory writes. Fixes for these XKB vulnerabilities have been patched in X.Org Server Git and xorg-server 21.1.4 point release is expected soon with these fixes. Both vulnerabilities were discovered by Trend Micro's Zero Day Initiative.

twitter_icon_large.pngfacebook_icon_large.png

Read more of this story at Slashdot.

External Content
Source RSS or Atom Feed
Feed Location https://rss.slashdot.org/Slashdot/slashdotMain
Feed Title Slashdot
Feed Link https://slashdot.org/
Feed Copyright Copyright Slashdot Media. All Rights Reserved.
Reply 0 comments