- Vulnerability/
- USN-6453-1
USN-6453-1: X.Org X Server vulnerabilities
First published: Wed Oct 25 2023(Updated: )
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5367) Sri discovered that the X.Org X Server incorrectly handled detroying windows in certain legacy multi-screen setups. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. (CVE-2023-5380)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/xserver-xorg-core | <2:21.1.7-3ubuntu2.1 | 2:21.1.7-3ubuntu2.1 |
| =23.10 | ||
| All of | ||
| ubuntu/xwayland | <2:23.2.0-1ubuntu0.1 | 2:23.2.0-1ubuntu0.1 |
| =23.10 | ||
| All of | ||
| ubuntu/xserver-xorg-core | <2:21.1.7-1ubuntu3.1 | 2:21.1.7-1ubuntu3.1 |
| =23.04 | ||
| All of | ||
| ubuntu/xwayland | <2:22.1.8-1ubuntu1.1 | 2:22.1.8-1ubuntu1.1 |
| =23.04 | ||
| All of | ||
| ubuntu/xserver-xorg-core | <2:21.1.4-2ubuntu1.7~22.04.2 | 2:21.1.4-2ubuntu1.7~22.04.2 |
| =22.04 | ||
| All of | ||
| ubuntu/xwayland | <2:22.1.1-1ubuntu0.7 | 2:22.1.1-1ubuntu0.7 |
| =22.04 | ||
| All of | ||
| ubuntu/xserver-xorg-core | <2:1.20.13-1ubuntu1~20.04.9 | 2:1.20.13-1ubuntu1~20.04.9 |
| =20.04 | ||
| All of | ||
| ubuntu/xwayland | <2:1.20.13-1ubuntu1~20.04.9 | 2:1.20.13-1ubuntu1~20.04.9 |
| =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-5367
- https://ubuntu.com/security/CVE-2023-5380
- https://ubuntu.com/security/notices/USN-6453-2
- https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.7-3ubuntu2.1
- https://launchpad.net/ubuntu/+source/xwayland/2:23.2.0-1ubuntu0.1
- https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.7-1ubuntu3.1
- https://launchpad.net/ubuntu/+source/xwayland/2:22.1.8-1ubuntu1.1
- https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.2
- https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.7
- https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.9
- https://ubuntu.com/security/notices/USN-6453-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this advisory?
The vulnerability ID for this advisory is USN-6453-1.
What is the severity of USN-6453-1?
The severity of USN-6453-1 is not specified in the provided information.
How does the X.Org X Server vulnerabilities impact Ubuntu?
The X.Org X Server vulnerabilities could allow attackers to crash the X Server, execute arbitrary code, or escalate privileges on affected Ubuntu systems.
Which versions of Ubuntu are affected by this vulnerability?
The versions of Ubuntu affected by this vulnerability include 23.10, 23.04, 22.04, and 20.04.
How can I fix the X.Org X Server vulnerabilities?
To fix the X.Org X Server vulnerabilities, update the xserver-xorg-core and xwayland packages to the specified remedy versions provided in the advisory.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-6453-2
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.10
- version/ubuntu ubuntu/23.04
- version/ubuntu ubuntu/22.04
- version/ubuntu ubuntu/20.04