X.Org Server Hit By New Local Privilege Escalation Vulnerability

Written by Michael Larabel in X.Org on 7 February 2023 at 12:00 AM EST. 166 Comments
The X.Org Server keeps on giving when it comes to security vulnerabilities in its massive, aging, and ill-maintained codebase. Disclosed on Monday night was CVE-2023-0494, the latest security advisory and another discovery by the Trend Micro Zero Day Initiative.

CVE-2023-0494 allows local privilege elevation on systems where the X.Org Server is privileged, and remote code execution in SSH X forwarding sessions. Thankfully, on many modern X.Org Server setups the X.Org Server no longer runs as root with elevated privileges, but older systems and other select configurations unfortunately still run it in that vulnerable configuration.

The CVE-2023-0494 vulnerability is a use-after-free in DeepCopyPointerClasses that allows reading from and writing to freed memory via ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo().

More details are in the latest X.Org security advisory on the xorg mailing list. The X Input security fix is available as this tiny patch. Following today's security disclosure, X.Org Server 21.1.7 has been released with the fix. X.Org Server 21.1.7 also carries a handful of other changes: two DIX fixes and a batch of Apple macOS XQuartz patches.
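The two conditions the article ties together, an installed X.Org Server release older than 21.1.7 and an X server process running as root, can be checked on a host with the following POSIX shell triage script. It is an added example, not code from the article or from the X.Org project, and it assumes that "Xorg -version" prints its banner as "X.Org X Server <version>" and that "ps -eo user=,comm=" is available.

```shell
#!/bin/sh
# Added triage script, not from the article or from the X.Org project. It flags a
# host that matches the configuration CVE-2023-0494 affects: an X.Org Server older
# than the fixed 21.1.7 release that is running with root privileges.

# Constructed sample inputs used to exercise the helpers offline.
SAMPLE_VERSION_OUTPUT="$(printf 'X.Org X Server 21.1.6\nX Protocol Version 11, Revision 0\n')"
SAMPLE_PS_OUTPUT="$(printf 'root Xorg\nalice gnome-shell\nroot systemd\n')"

# Extract the version from `Xorg -version` output, whose first line is assumed
# to read "X.Org X Server <major>.<minor>.<patch>". Takes the captured text.
parse_xorg_version() {
    printf '%s\n' "$1" | sed -n 's/^X\.Org X Server \([0-9][0-9.]*\).*/\1/p' | head -n1
}

# Return 0 (true) when a dotted version is 21.1.7 or newer, i.e. carries the fix;
# missing fields count as 0, so "21.1" compares as 21.1.0.
xorg_version_is_fixed() {
    set -- $(printf '%s' "$1" | tr '.' ' ')
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    [ "$maj" -gt 21 ] && return 0
    [ "$maj" -lt 21 ] && return 1
    [ "$min" -gt 1 ] && return 0
    [ "$min" -lt 1 ] && return 1
    [ "$pat" -ge 7 ]
}

# Read `ps -eo user=,comm=` output (user and command columns) on stdin and print
# the names of X server processes owned by root; prints nothing when there are none.
privileged_x_servers() {
    awk '$1 == "root" && ($2 == "Xorg" || $2 == "X") { print $2 }'
}

# Live checks, only on a host that actually has an Xorg binary.
if command -v Xorg >/dev/null 2>&1; then
    ver="$(parse_xorg_version "$(Xorg -version 2>&1)")"
    if [ -n "$ver" ] && ! xorg_version_is_fixed "$ver"; then
        echo "X.Org Server $ver predates 21.1.7 and lacks the CVE-2023-0494 fix"
    fi
    if ps -eo user=,comm= | privileged_x_servers | grep -q .; then
        echo "an X server is running as root: the privileged configuration the advisory covers"
    fi
fi
```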

It's been ten years already since a security researcher remarked that X.Org Server codebase security is "worse than it looks", and it continues to be a source of new security vulnerabilities in this still commonly used component of the Linux desktop.