Ubuntu Security Notice USN-7085-1

Ubuntu Security Notice USN-7085-1: Posted Oct 30, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 7085-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2024-9632; SHA-256 | bbf083f3d2d1406b17c352954c3eb9443be7fb0019d52c848f3b9d5be201e1e4; Download | Favorite | View

Ubuntu Security Notice USN-7085-1

==========================================================================
Ubuntu Security Notice USN-7085-1
October 30, 2024

xorg-server, xwayland vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

X.Org X Server could be made to crash or run programs if it received
specially crafted data.

Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland

Details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations in the X Keyboard Extension. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  xserver-xorg-core               2:21.1.13-2ubuntu1.1
  xwayland                        2:24.1.2-1ubuntu0.1

Ubuntu 24.04 LTS
  xserver-xorg-core               2:21.1.12-1ubuntu1.1
  xwayland                        2:23.2.6-1ubuntu0.1

Ubuntu 22.04 LTS
  xserver-xorg-core               2:21.1.4-2ubuntu1.7~22.04.12
  xwayland                        2:22.1.1-1ubuntu0.14

Ubuntu 20.04 LTS
  xserver-xorg-core               2:1.20.13-1ubuntu1~20.04.18
  xwayland                        2:1.20.13-1ubuntu1~20.04.18

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7085-1
  CVE-2024-9632

Package Information:
  https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.13-2ubuntu1.1
  https://launchpad.net/ubuntu/+source/xwayland/2:24.1.2-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.12-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/xwayland/2:23.2.6-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.12
  https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.14
  https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.18

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Ubuntu Security Notice USN-7085-1

Ubuntu Security Notice USN-7085-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice USN-7085-1

Share This

Ubuntu Security Notice USN-7085-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems