Joined: 13 Nov 2013 Posts: 1651 Location: Canada
Posted: Tue 30 Oct 2018, 21:50 Post subject:
X.Org flaw : CVE-2018-14665 Subject description: Allows Privilege Escalation in Linux Systems
The issue impacts many large distros with GUI interfaces.
The X server is a core graphics and windowing technology that can be found in most Linux and BSD distributions that use a graphical user interface (GUI). The vulnerability (CVE-2018-14665) affects X server versions 1.19 and later, and has been around for at least two years. X.Org explained that if a vulnerable version of X.org runs on a system as “setuid” root, a logged-in user can use it to gain administrator-level privileges on the machine. From there, the user can create or overwrite files, anywhere on the system, including files owned by privileged users (i.e., an adversary could tamper with data or install malware).
Source : https://threatpost.com/x-org-flaw-allows-privilege-escalation-in-linux-systems/138624/
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum