Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It serves as an intermediary between client and user applications to manage graphical displays.
According to a blog post published by software security engineer Narendra Shinde, Xorg X server doesn't correctly handle and validate arguments for at least two command-line parameters, allowing a low-privileged user to execute malicious code and overwrite any file—including files owned by privileged users like root.
The flaw, tracked as CVE-2018-14665, was introduced in X.Org server 1.19.0 package that remained undetected for almost two years and could have been exploited by a local attacker on the terminal or via SSH to elevate their privileges on a target system.
The two vulnerable parameters in question are:
- -modulepath: to set a directory path to search for Xorg server modules,
- -logfile: to set a new log file for the Xorg server, instead of using the default log file that is located at /var/log/Xorg.n.log on most platforms.
Changelog Thu Oct 25 19:21:09 UTC 2018 :x/libinput-1.12.2-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.3-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.20.3-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.3-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.3-x86_64-1.txz: Upgraded.
Source : https://thehackernews.com