Ubuntu alert USN-7299-4 (xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04)
| From: | "Leonidas S. Barbosa" <leo.barbosa@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7299-4] X.Org X Server regression | |
| Date: | Mon, 17 Mar 2025 07:22:43 -0300 | |
| Message-ID: | <20250317102243.GA1933257@d4rkl41n> |
========================================================================== Ubuntu Security Notice USN-7299-4 March 17, 2025 xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in X.Org X Server. Software Description: - xorg-server: X.Org X11 server - xorg-server-hwe-18.04: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server Details: USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fix the regression and re-apply the fix for the CVE listed. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these issues to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS xserver-xorg-core 2:1.19.6-1ubuntu4.15+esm12 Available with Ubuntu Pro xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm4 Available with Ubuntu Pro xwayland 2:1.19.6-1ubuntu4.15+esm12 Available with Ubuntu Pro xwayland-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm17 Available with Ubuntu Pro xserver-xorg-core-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm9 Available with Ubuntu Pro xwayland 2:1.18.4-0ubuntu0.12+esm17 Available with Ubuntu Pro xwayland-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm9 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7299-4 https://ubuntu.com/security/notices/USN-7299-3 https://ubuntu.com/security/notices/USN-7299-2 https://ubuntu.com/security/notices/USN-7299-1 CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601, https://launchpad.net/bugs/2102209
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmfX9+8ACgkQRbznW4QL H2l1Eg//RTJ35GZ1182TpbPtbvMJEIoRJg7MvzE86OfU91FkD3HH8ETzhzLzeKhE BAhrA98PSdup14TA6MglrgdVaO62bX4+q6n/WGQqkWvGRlT+/L5b/t/HAcLBVT6Q PZGAf1YtyuS1z5bAAzQIJo3q5S19eCDYm86AdxZ71txxuMbaNVtvPk5qHnrWAGfp t2E+3WNBLVwqaGh6XVVuHVlW3hMt8My2dkFuuTGwwwS2jDAd6C8rEhRnmcW7mAn1 UGAcOy7cE6ti3RR8liRqdDhOhUgfyp5EwJrsfNkmvhb1ZDvMdeBg5V5HgQ+Y5kek pt6cJuv1Q/uIo5QoHMciX75nqIda7OhnzlF2r6TN0Xzx+vpOPAcYStt/jGNWp58w D0FaZFG0Eva4gsFnUkSX0HazSW/D78JcxXwDhpK7hq2G8z/aVZuNU6A4IZaJWCIX UyhUbI6iGAxekxJRexowFJ5oAAgXo6KLVdXc9SVMJiLTvnlRrWAQ6giIbnzsgd0T jVMHtyLcVzEqtdpWYGNeTVJNmAywGHlwy1RjQLCWlTsaXOzVUK6aeAMGqlxMXV8c N5mmx3CZZAVS9iHAGk7mkm6ApZRqsW34m7c5wd1mlPe4Y5m9Cq2baABMQe2j+eB+ V9JDxZ8F+wITIBTeJp8Pkk7qE+XEqhIOI9xmOgb9h9I7D1gQ3dA= =uHh3 -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)