X.Org X Server Vulnerabilities Fixed in Ubuntu
The X.Org X Server, the display server behind most graphical sessions on Linux, was recently found to contain several vulnerabilities. Depending on the flaw, a local attacker able to talk to the X Server could crash it (denial of service), read sensitive memory contents, or execute arbitrary code with the privileges of the X Server process. The Ubuntu security team addressed these issues in USN-6587-1, with updates for Ubuntu 22.04 LTS (Long Term Support), Ubuntu 20.04 LTS, Ubuntu 23.10, and Ubuntu 23.04.
The sections below summarize each vulnerability and the recommended course of action.
Understanding the X.Org X Server Vulnerabilities
CVE-2023-6816 (CVSS v3 Score: 9.8 Critical)
This vulnerability, discovered by Jan-Niklas Sohn, is a heap buffer overflow in the X Server's handling of memory when processing DeviceFocusEvent and the ProcXIQueryPointer request. An attacker could exploit it to crash the X Server, obtain sensitive information, or execute arbitrary code.
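To make the memory-handling flaw behind CVE-2023-6816 concrete, here is an added, simplified C model of the "buttons currently down" bitmask that DeviceFocusEvent and the XIQueryPointer reply carry. It is not X.Org's code and does not appear on the original page; the Device struct and the build_mask, vulnerable_mask_len, fixed_mask_len and demo names are illustrative. The pattern it models is the one the upstream fix describes: the mask was sized for the device's physical button count, but bits are set by logical button number, and a client may remap any physical button to a logical number up to 255. The real code wrote the bit without a bounds check (that write is the overflow); this model bounds-checks and reports instead of corrupting the heap.

```c
/* Added example: simplified model of the logical-button mask sizing that
 * CVE-2023-6816 fixed.  Not X.Org code; names are illustrative. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define MAX_BUTTONS 256          /* logical button numbers are 8-bit: 0..255 */

/* A device with num_buttons physical buttons.  map[] gives the logical
 * button number each physical button reports (client-remappable, up to 255);
 * down[] is 1 if the physical button at that index is currently pressed. */
typedef struct {
    int num_buttons;
    uint8_t map[MAX_BUTTONS];
    uint8_t down[MAX_BUTTONS];
} Device;

/* Bytes needed to hold one bit per button. */
static size_t bits_to_bytes(size_t nbits) { return (nbits + 7) / 8; }

/* Vulnerable sizing: room only for the device's physical button count. */
static size_t vulnerable_mask_len(const Device *dev)
{
    return bits_to_bytes((size_t)dev->num_buttons);
}

/* Hardened sizing (what the upstream fix does): room for every possible
 * logical button number, independent of how many buttons the device has. */
static size_t fixed_mask_len(const Device *dev)
{
    (void)dev;
    return bits_to_bytes(MAX_BUTTONS);
}

/* Fill the mask the way the event encoder does: walk the *physical* buttons,
 * and for each pressed one set the bit for its *logical* number.  Returns 1
 * if every write stayed inside mask_len bytes, 0 if at least one write would
 * have landed past the end of the allocation (the heap overflow). */
static int build_mask(const Device *dev, size_t mask_len, uint8_t *mask)
{
    int ok = 1;
    memset(mask, 0, mask_len);
    for (int i = 0; i < dev->num_buttons; i++) {
        if (!dev->down[i])
            continue;
        unsigned logical = dev->map[i];
        size_t byte = logical / 8;
        if (byte >= mask_len) {      /* the unchecked write in the real code */
            ok = 0;
            continue;
        }
        mask[byte] |= (uint8_t)(1u << (logical % 8));
    }
    return ok;
}

/* Constructed scenario: a 3-button mouse whose middle button a client has
 * remapped to logical button 200, then pressed.  With use_fix == 0 the mask
 * is sized for 3 buttons (1 byte) and the write to byte 25 is out of bounds;
 * with use_fix == 1 the mask is 32 bytes and the write is in bounds. */
int demo(int use_fix)
{
    Device dev = { .num_buttons = 3 };
    for (int i = 0; i < dev.num_buttons; i++)
        dev.map[i] = (uint8_t)(i + 1);       /* identity mapping 1,2,3 */
    dev.map[1] = 200;                        /* client remaps button 2 -> 200 */
    dev.down[1] = 1;                         /* ...and it is pressed */

    size_t len = use_fix ? fixed_mask_len(&dev) : vulnerable_mask_len(&dev);
    uint8_t *mask = calloc(len, 1);
    if (!mask)
        return -1;
    int ok = build_mask(&dev, len, mask);
    free(mask);
    return ok;
}

int main(void)
{
    printf("vulnerable sizing: %s\n", demo(0) ? "in bounds" : "OUT OF BOUNDS");
    printf("fixed sizing:      %s\n", demo(1) ? "in bounds" : "OUT OF BOUNDS");
    return 0;
}
```

The point a reviewer should take from this is the mismatch between the quantity used to size the buffer (physical buttons) and the quantity used to index it (logical buttons); sizing for the maximum value the index can take, rather than for the device's current configuration, is the fix.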
CVE-2024-0229
Also reported by Jan-Niklas Sohn, this flaw is an out-of-bounds memory access in the X Server's handling of a slave device being reattached to a different master device. It could be exploited to crash the X Server, causing a denial of service, or possibly to execute arbitrary code.
CVE-2024-0408 (CVSS v3 Score: 5.5 Medium)
Olivier Fourdan and Donn Seeley found that the X Server incorrectly labels GLX PBuffers when running with SELinux enabled. This flaw can be used to crash the X Server, resulting in a denial of service.
CVE-2024-0409 (CVSS v3 Score: 7.8 High)
Olivier Fourdan identified a flaw in the X Server's cursor-handling code when running with SELinux enabled. Exploiting it can crash the X Server, leading to a denial of service.
CVE-2024-21885, CVE-2024-21886
Jan-Niklas Sohn also identified two further memory-safety bugs: a heap buffer overflow in the XISendDeviceHierarchyEvent function (CVE-2024-21885) and a heap use-after-free in the DisableDevice function (CVE-2024-21886). Either could be exploited to crash the X Server or possibly execute arbitrary code.
Staying Secure: Patching Your System
These vulnerabilities are a reminder of how important it is to keep your system updated. Patching them is straightforward: update the xorg-server and xwayland packages (on Ubuntu, the binary packages are xserver-xorg-core and xwayland) to the latest available versions using your distribution's standard package manager. Note that the update only replaces the files on disk; an X Server or Xwayland process that is already running keeps executing the old code until the graphical session is restarted, so log out and back in, or reboot, after installing the update. Users are advised to upgrade these packages promptly to mitigate the risks associated with these X.Org X Server vulnerabilities.
TuxCare’s KernelCare Enterprise provides automated security patching for all popular Linux distributions, including Ubuntu, Debian, CentOS, AlmaLinux, RHEL, Rocky Linux, Oracle Linux, CloudLinux, and more. It ensures all security patches are deployed automatically without having to reboot the system or schedule maintenance windows. Learn more about the live patching approach for Linux.
Source: USN-6587-1