Debian Security Advisory 5800-1
2024-10-30 23:38:16 Author: packetstormsecurity.com(查看原文) 阅读量:1 收藏

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5800-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
October 29, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xorg-server
CVE ID : CVE-2024-9632
Debian Bug : 1086244

Jan-Niklas Sohn discovered that a heap-based buffer overflow in the
_XkbSetCompatMap function in the X Keyboard Extension of the X.org X
server may result in privilege escalation if the X server is running
privileged.

For the stable distribution (bookworm), this problem has been fixed in
version 2:21.1.7-3+deb12u8.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmchKQNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S1og//Qc+fk1SZNKINd1d/ItoR5XQQGU4V92/kQKcfNu97F2DLcb1wUc+BZAaY
yr1HS+ru3pY25XOKYLgR7Tx///BEXzYxKdNxLGVMXzJqU06oSYXAkUBERFW5aU0/
ayaV+UtwaX7ADUwYpCeJbQJcudMw3YtPlkRpN1uCs/lHMHPcbsGpZt4VBpItksrs
iRpqq40eQiPafzGBpzx40ejaJyn200s9hYNN6dieqNDQTW6MmGSI9OLfY5alze6M
Iot3mopREg/iKJblNz7+T2mKng0TEPY2PgolcsmHjvHEKCrWmWcGKwWHKlbvfpJX
s1522AAWS5aJeW8r6TeGbOa298caLsW4doQa/6EX4HeADQu7SjV9oXZwrUtGsCxn
eb6oLUGhHs0FGmY/Hvfng/ouZwSj1wKWE45hMCJ1HRSlpbfCoJxQlFpNLWQziFaS
TuzebmpPXfbrbcXb7tNgUPtLcayu09JwJWxZLYPYcFDXZe1wUz3ZQIWkKHizXkSI
NZtQYdLMKqBp99XR65vkTORS7QWkpdaW6AY6JujoihKFzh+wRM7qKtgflHl6qTLd
mPK8DU/qe5jCs5oqzLvQ7sZUb95JqhYaLf8ZWH6koTHLHqnMt9wOxqoEPoFfk4Lz
TH0FizIOHO6imr6USG+ubOtlf/nd1py1achR9ihKtd+0GE0Hx8Q=
=Y9nq
-----END PGP SIGNATURE-----


文章来源: https://packetstormsecurity.com/files/182411/dsa-5800-1.txt
如有侵权请联系:admin#unsafe.sh