X.Org - (bulletinoct2018)ID: oval:org.secpod.oval:def:2103389 | Date: (C)2020-01-19 (M)2024-01-29 |
Class: PATCH | Family: unix |
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
Product: |
x11/server/xvfb |
x11/server/xserver-common |
x11/server/xorg |
x11/server/xorg/driver/xorg-video |
x11/server/xephyr |
x11/server/xdmx |
x11/modeline-utilities |