xorg-server: CVE-2023-5574

Debian Bug report logs - #1055426
xorg-server: CVE-2023-5574

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: xorg-server: CVE-2023-5574

Date: Sun, 05 Nov 2023 21:14:24 +0100

Source: xorg-server
Version: 2:21.1.9-1
Severity: important
Tags: security upstream
Forwarded: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1189
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 2:21.1.7-3
Control: found -1 2:21.1.7-3+deb12u2
Control: found -1 2:1.20.11-1
Control: found -1 2:1.20.11-1+deb11u8

Hi,

The following vulnerability was published for xorg-server.

Known already and this is the CVE which was last-minute backed out of
the last release. Filling the downstream bug to have a tracking of it
for us in Debian.

CVE-2023-5574[0]:
| A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue
| occurs in Xvfb with a very specific and legacy configuration (a
| multi-screen setup with multiple protocol screens, also known as
| Zaphod mode). If the pointer is warped from a screen 1 to a screen
| 0, a use-after-free issue may be triggered during shutdown or reset
| of the Xvfb server, allowing for possible escalation of privileges
| or denial of service.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-5574
    https://www.cve.org/CVERecord?id=CVE-2023-5574
[1] https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1189
[2] https://lists.x.org/archives/xorg-announce/2023-October/003430.html

Regards,
Salvatore

Send a report that this bug log contains spam.