Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2019-2683)

Published: 2020-01-23 13:13:39
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the Huawei EulerOS 'xorg-x11-server' Linux Distribution Package(s) announced via the EulerOS-SA-2019-2683 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.(CVE-2018-14665) In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of X Events.(CVE-2017-10971) In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.(CVE-2017-13721) It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.(CVE-2017-2624) Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server.(CVE-2017-10972) xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017-12178) xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017-12176) xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017-12185) xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017-12187) xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017-12183) xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.(CVE-2017- ... Description truncated. Please see the references for more information.

Affected Versions:
'xorg-x11-server' Linux Distribution Package(s) on Huawei EulerOS V2.0SP3.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2017-10971
https://nvd.nist.gov/vuln/detail/CVE-2017-10972
https://nvd.nist.gov/vuln/detail/CVE-2017-12176
https://nvd.nist.gov/vuln/detail/CVE-2017-12177
https://nvd.nist.gov/vuln/detail/CVE-2017-12178
https://nvd.nist.gov/vuln/detail/CVE-2017-12179
https://nvd.nist.gov/vuln/detail/CVE-2017-12180
https://nvd.nist.gov/vuln/detail/CVE-2017-12181
https://nvd.nist.gov/vuln/detail/CVE-2017-12182
https://nvd.nist.gov/vuln/detail/CVE-2017-12183
https://nvd.nist.gov/vuln/detail/CVE-2017-12184
https://nvd.nist.gov/vuln/detail/CVE-2017-12185
https://nvd.nist.gov/vuln/detail/CVE-2017-12186
https://nvd.nist.gov/vuln/detail/CVE-2017-12187
https://nvd.nist.gov/vuln/detail/CVE-2017-13721
https://nvd.nist.gov/vuln/detail/CVE-2017-2624
https://nvd.nist.gov/vuln/detail/CVE-2018-14665

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2683

Search
Severity
High
CVSS Score
7.5

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.