1 枯れ果てた名無し@転載禁止 (ca5f38e1) 2024/11/01 (金) 16:02:16.759 ID:N0dcDP4EO
A high-severity vulnerability was found in the X.Org Server, the popular display server for Linux and other Unix-like operating systems. Tracked as CVE-2024-9632, this flaw has been lurking in the codebase for a staggering 18 years and could allow attackers to gain control of vulnerable systems.
This vulnerability could lead to:
・Denial of Service (DoS): The attacker could crash the X.Org Server, disrupting the graphical user interface and rendering the system unusable.
・Local Privilege Escalation: In distributions where the X.Org Server runs with root privileges, the attacker could gain elevated permissions, potentially taking complete control of the system.
・Remote Code Execution: If X11 forwarding is enabled over SSH, a remote attacker could potentially exploit this vulnerability to execute arbitrary code on the target system.
CVE-2024-9632 affects all versions of the X.Org Server since its 1.1.1 release in 2006, including XWayland.
This means a vast number of Linux and Unix-like systems could be vulnerable.
The X.Org Foundation has released patched versions of the X.Org Server (21.1.14) and XWayland (24.1.4) to address this vulnerability.
Users are strongly urged to update their systems to these latest versions immediately.
https://securityonline.info/cve-2024-9632-18-year-old-bug-in-x-org-server-leaves-systems-vulnerable-to-attack/
2 枯れ果てた名無し@転載禁止 2024/11/02 (土) 02:06:10.286 ID:XiUdw5nEq
18年物だあ😳