A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xvfb": "2:1.15.1-0ubuntu2.11", "xdmx": "2:1.15.1-0ubuntu2.11", "xserver-xorg-core-dbg": "2:1.15.1-0ubuntu2.11", "xserver-xorg-core-udeb-dbgsym": "2:1.15.1-0ubuntu2.11", "xdmx-tools-dbgsym": "2:1.15.1-0ubuntu2.11", "xserver-xorg-dev": "2:1.15.1-0ubuntu2.11", "xorg-server-source": "2:1.15.1-0ubuntu2.11", "xserver-xorg-core": "2:1.15.1-0ubuntu2.11", "xserver-common": "2:1.15.1-0ubuntu2.11", "xnest-dbgsym": "2:1.15.1-0ubuntu2.11", "xnest": "2:1.15.1-0ubuntu2.11", "xserver-xephyr": "2:1.15.1-0ubuntu2.11", "xserver-xorg-xmir": "2:1.15.1-0ubuntu2.11", "xdmx-tools": "2:1.15.1-0ubuntu2.11", "xserver-xorg-dev-dbgsym": "2:1.15.1-0ubuntu2.11", "xserver-xorg-core-dbgsym": "2:1.15.1-0ubuntu2.11", "xserver-xephyr-dbgsym": "2:1.15.1-0ubuntu2.11", "xdmx-dbgsym": "2:1.15.1-0ubuntu2.11", "xvfb-dbgsym": "2:1.15.1-0ubuntu2.11", "xserver-xorg-core-udeb": "2:1.15.1-0ubuntu2.11", "xserver-xorg-xmir-dbgsym": "2:1.15.1-0ubuntu2.11" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xserver-xorg-core-lts-xenial": "2:1.18.3-1ubuntu2.3~trusty4", "xserver-xorg-core-lts-xenial-dbg": "2:1.18.3-1ubuntu2.3~trusty4", "xserver-xorg-core-lts-xenial-dbgsym": "2:1.18.3-1ubuntu2.3~trusty4", "xorg-server-source-lts-xenial": "2:1.18.3-1ubuntu2.3~trusty4", "xserver-xorg-dev-lts-xenial": "2:1.18.3-1ubuntu2.3~trusty4", "xwayland-lts-xenial": "2:1.18.3-1ubuntu2.3~trusty4", "xwayland-lts-xenial-dbgsym": "2:1.18.3-1ubuntu2.3~trusty4", "xserver-xephyr-lts-xenial-dbgsym": "2:1.18.3-1ubuntu2.3~trusty4", "xserver-xephyr-lts-xenial": "2:1.18.3-1ubuntu2.3~trusty4" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xvfb": "2:1.18.4-0ubuntu0.8", "xserver-xorg-legacy": "2:1.18.4-0ubuntu0.8", "xdmx": "2:1.18.4-0ubuntu0.8", "xserver-xorg-core-dbg": "2:1.18.4-0ubuntu0.8", "xserver-xorg-core-udeb-dbgsym": "2:1.18.4-0ubuntu0.8", "xdmx-tools-dbgsym": "2:1.18.4-0ubuntu0.8", "xserver-xorg-dev": "2:1.18.4-0ubuntu0.8", "xnest-dbgsym": "2:1.18.4-0ubuntu0.8", "xserver-xorg-core": "2:1.18.4-0ubuntu0.8", "xserver-common": "2:1.18.4-0ubuntu0.8", "xwayland-dbgsym": "2:1.18.4-0ubuntu0.8", "xnest": "2:1.18.4-0ubuntu0.8", "xserver-xephyr": "2:1.18.4-0ubuntu0.8", "xserver-xorg-xmir": "2:1.18.4-0ubuntu0.8", "xdmx-tools": "2:1.18.4-0ubuntu0.8", "xmir-dbgsym": "2:1.18.4-0ubuntu0.8", "xwayland": "2:1.18.4-0ubuntu0.8", "xorg-server-source": "2:1.18.4-0ubuntu0.8", "xserver-xorg-core-dbgsym": "2:1.18.4-0ubuntu0.8", "xmir": "2:1.18.4-0ubuntu0.8", "xserver-xephyr-dbgsym": "2:1.18.4-0ubuntu0.8", "xdmx-dbgsym": "2:1.18.4-0ubuntu0.8", "xvfb-dbgsym": "2:1.18.4-0ubuntu0.8", "xserver-xorg-legacy-dbgsym": "2:1.18.4-0ubuntu0.8", "xserver-xorg-core-udeb": "2:1.18.4-0ubuntu0.8" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xserver-xorg-dev-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xorg-server-source-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xmir-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xorg-legacy-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xwayland-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xephyr-hwe-16.04-dbgsym": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xorg-core-hwe-16.04-dbgsym": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xorg-core-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xorg-legacy-hwe-16.04-dbgsym": "2:1.19.6-1ubuntu4.1~16.04.2", "xserver-xephyr-hwe-16.04": "2:1.19.6-1ubuntu4.1~16.04.2", "xmir-hwe-16.04-dbgsym": "2:1.19.6-1ubuntu4.1~16.04.2", "xwayland-hwe-16.04-dbgsym": "2:1.19.6-1ubuntu4.1~16.04.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "xvfb": "2:1.19.6-1ubuntu4.2", "xserver-xorg-legacy": "2:1.19.6-1ubuntu4.2", "xdmx": "2:1.19.6-1ubuntu4.2", "xdmx-tools-dbgsym": "2:1.19.6-1ubuntu4.2", "xserver-xorg-dev": "2:1.19.6-1ubuntu4.2", "xnest-dbgsym": "2:1.19.6-1ubuntu4.2", "xserver-xorg-core": "2:1.19.6-1ubuntu4.2", "xserver-common": "2:1.19.6-1ubuntu4.2", "xwayland-dbgsym": "2:1.19.6-1ubuntu4.2", "xnest": "2:1.19.6-1ubuntu4.2", "xserver-xephyr": "2:1.19.6-1ubuntu4.2", "xserver-xorg-xmir": "2:1.19.6-1ubuntu4.2", "xdmx-tools": "2:1.19.6-1ubuntu4.2", "xmir-dbgsym": "2:1.19.6-1ubuntu4.2", "xwayland": "2:1.19.6-1ubuntu4.2", "xorg-server-source": "2:1.19.6-1ubuntu4.2", "xserver-xorg-core-dbgsym": "2:1.19.6-1ubuntu4.2", "xmir": "2:1.19.6-1ubuntu4.2", "xserver-xephyr-dbgsym": "2:1.19.6-1ubuntu4.2", "xdmx-dbgsym": "2:1.19.6-1ubuntu4.2", "xvfb-dbgsym": "2:1.19.6-1ubuntu4.2", "xserver-xorg-legacy-dbgsym": "2:1.19.6-1ubuntu4.2", "xserver-xorg-core-udeb": "2:1.19.6-1ubuntu4.2" } ] }