Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202401-30
HistoryJan 31, 2024 - 12:00 a.m.

X.Org X Server, XWayland: Multiple Vulnerabilities

2024-01-3100:00:00
Gentoo Foundation
security.gentoo.org
11
x window system
client/server
vulnerabilities
x11 forwarding
x.org
xwayland
cve
upgrade
workaround

8.5 High

AI Score

Confidence

Low

0.266 Low

EPSS

Percentile

96.7%

JSON

Background

The X Window System is a graphical windowing system based on a client/server model.

Description

Multiple vulnerabilities have been discovered in X.Org X Server and XWayland. Please review the CVE identifiers referenced below for details.

Impact

The X server can be crashed by a malicious client, or potentially be compromised for remote code execution in environments with X11 forwarding.

Workaround

Users can ensure no untrusted clients can access the running X implementation.

Resolution

All X.Org X Server users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-21.1.11"

All XWayland users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-base/xwayland-23.2.4"
OSVersionArchitecturePackageVersionFilename
Gentooanyallx11-base/xorg-server< 21.1.11UNKNOWN
Gentooanyallx11-base/xwayland< 23.2.4UNKNOWN

Related

nessus 81
osv 15
redhat 17
almalinux 5
oraclelinux 10
openvas 45
slackware 2
ubuntu 5
fedora 6
centos 2
debian 2
redos 2
rosalinux 2
mageia 1
amazon 2
freebsd 1
rocky 1
nessus
nessus
GLSA-202401-30 : X.Org X Server, XWayland: Multiple Vulnerabilities
2024-01-31 00:00:00
Oracle Linux 9 : xorg-x11-server (ELSA-2024-2169)
2024-05-06 00:00:00
RHEL 9 : xorg-x11-server (RHSA-2024:2169)
2024-04-30 00:00:00
osv
osv
Moderate: xorg-x11-server security update
2024-04-30 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2024-04-30 00:00:00
xorg-server vulnerabilities
2024-03-13 20:19:27
redhat
redhat
(RHSA-2024:2169) Moderate: xorg-x11-server security update
2024-04-30 06:14:56
(RHSA-2024:2996) Moderate: xorg-x11-server-Xwayland security update
2024-05-22 06:35:18
(RHSA-2024:2170) Moderate: xorg-x11-server-Xwayland security update
2024-04-30 06:14:56
almalinux
almalinux
Moderate: xorg-x11-server security update
2024-04-30 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2024-04-30 00:00:00
Important: tigervnc security update
2024-01-30 00:00:00
oraclelinux
oraclelinux
xorg-x11-server-Xwayland security update
2024-05-23 00:00:00
xorg-x11-server-Xwayland security update
2024-05-02 00:00:00
xorg-x11-server security update
2024-05-23 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1254)
2024-03-12 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1352)
2024-03-13 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1232)
2024-03-12 00:00:00
slackware
slackware
[slackware-security] tigervnc
2024-01-21 20:53:54
[slackware-security] xorg-server
2024-01-16 20:56:51
ubuntu
ubuntu
X.Org X Server vulnerabilities
2024-03-13 00:00:00
X.Org X Server regression
2024-02-01 00:00:00
X.Org X Server vulnerabilities
2024-01-22 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: tigervnc-1.13.1-11.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-1.20.14-29.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-Xwayland-23.2.4-1.fc39
2024-01-19 02:43:04
centos
centos
xorg security update
2024-01-26 18:10:28
tigervnc security update
2024-02-05 19:31:03
debian
debian
[SECURITY] [DLA 3721-1] xorg-server security update
2024-01-25 21:55:22
[SECURITY] [DSA 5603-1] xorg-server security update
2024-01-23 19:51:42
redos
redos
ROS-20240329-09
2024-03-29 00:00:00
ROS-20240408-08
2024-04-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2351
2024-02-20 09:31:11
Advisory ROSA-SA-2024-2352
2024-02-20 09:34:57
mageia
mageia
Updated x11-server, x11-server-xwayland and tigervnc fix security issues
2024-02-04 05:49:27
amazon
amazon
Important: xorg-x11-server
2024-02-15 03:52:00
Important: xorg-x11-server
2024-04-25 16:04:00
freebsd
freebsd
xorg server -- Multiple vulnerabilities
2024-01-16 00:00:00
rocky
rocky
tigervnc security update
2024-02-12 20:17:26

8.5 High

AI Score

Confidence

Low

0.266 Low

EPSS

Percentile

96.7%

JSON
Related for GLSA-202401-30
nessus81osv15redhat17almalinux5oraclelinux10openvas45slackware2ubuntu5fedora6centos2debian2redos2rosalinux2mageia1amazon2freebsd1rocky1