MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
server
Recherche

Local Privilege Escalation Vulnerability Affecting X.Org Server For 18 Years

mardi 29 octobre 2024, 23:00 , par Slashdot
Phoronix's Michael Larabel reports: CVE-2024-9632 was made public today as the latest security vulnerability affecting the X.Org Server. The CVE-2024-9632 security issue has been present in the codebase now for 18 years and can lead to local privilege escalation. Introduced in the X.Org Server 1.1.1 release back in 2006, CVE-2024-9632 affects the X.Org Server as well as XWayland too. By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.

This security issue is within _XkbSetCompatMap() and stems from not updating the heap size properly and can lead to local privilege escalation if the server is run as root or as a remote code execution with X11 over SSH. You can read the security advisory announcement here.

Read more of this story at Slashdot.
https://it.slashdot.org/story/24/10/29/2029233/local-privilege-escalation-vulnerability-affecting-xo...

Voir aussi

News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
dim. 22 déc. - 11:58 CET