Ubuntu alert USN-7085-2 (xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04)
| From: | "Leonidas S. Barbosa" <leo.barbosa@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7085-2] X.Org X Server vulnerability | |
| Date: | Wed, 30 Oct 2024 12:25:41 -0300 | |
| Message-ID: | <20241030152541.GA269690@tpl41n> |
========================================================================== Ubuntu Security Notice USN-7085-2 October 30, 2024 xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: X.Org X Server could be made to crash or run programs if it received specially crafted data. Software Description: - xorg-server: X.Org X11 server - xorg-server-hwe-18.04: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server Details: USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS xserver-xorg-core 2:1.19.6-1ubuntu4.15+esm9 Available with Ubuntu Pro xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm1 Available with Ubuntu Pro xwayland 2:1.19.6-1ubuntu4.15+esm9 Available with Ubuntu Pro xwayland-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.11+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm14 Available with Ubuntu Pro xserver-xorg-core-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm6 Available with Ubuntu Pro xwayland 2:1.18.4-0ubuntu0.12+esm14 Available with Ubuntu Pro xwayland-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm6 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7085-2 https://ubuntu.com/security/notices/USN-7085-1 CVE-2024-9632
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmciT/IACgkQRbznW4QL H2nyfg/8D0NxKuw+y2NYntIgWfLX9sBhaxRXmdT67qRkG3+tmMIYZuhwIP1h8M33 QIfmn9cLZMn7B/qVv0RreyzECeHrqOjnF5e3xX3WYnpOSpI33lcMX2mMOQZm8Kl3 8NicnCCPxq8N7NNm6AkzY8QpEKZu4WEGhUyp+TV7KbvSQJwQBOvBF7Ug/6MXY36q efe9J/Naf1UsmxU8QlaSQEgtc74bNCf8TM3bXu8i/0rTddhfCcJwVhJZobhou+al vuZO7AedYLxuVH1wsc5oYBu0v7HXSH+FMS8hfvFFAQvYr0GLOU9zQNJrTjcV52Zj 7EbRq85KHU7dHrH0SQBePM4xsOVwYEH9eThCHmjnsLaIj8ddxjqcKq/4z/sLWU0s f/imW6cGsFO3il2bHj+zen04YsMdqHcGL9+bAVVr8WzvEkW88bIPzhQ4vyWkSQWe e1Q9vzDQ5DO4Ftmsif5uPGeZhi5kWqdvDHTq3iH8qnWR/VXPivuQid1W2X5V+are 9G57Bj1wmNHmj3cTd4uoghvXhThVduIe0UCa7uz/G5X94F1EzPJEoYNMnaPeA8dW hNJbqmoQseneeD560UFVWorDFb/yvW81QXM0cx+4YqWdRkX4XJeyjJ9kTV0ecoYp LxFaqwwhIlfqBubOvkzAhGhSAguiDzSHhmAd+sSDUb8UddVRj8I= =PZGX -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)