Local Privilege Escalation Vulnerability Affecting X.Org Server For 18 Years
Local Privilege Escalation Vulnerability Affecting X.Org Server For 18 Years
I love the link thumbnail!
Lol not even reading it because I've always assumed that if there's an RCE on desktop it will inevitably lead to full system compromise.
😅
It's trust all the way down.
Considering x windowing system (the original x11) has not been updated since 2012 it makes sense (but xorg popular x11 Implementation was last updated in April 2024)
Is this news worthy? X is the classic example of how a code base becomes completely unmanageable
Yeah the original x11 (x windowing system) has not been updated since 2012 (xorg in April 2024) it makes sense
I know Phoronix comments, but what's up with the Linux Mint hate?
Tbf, there's 1 Mint comment and 1 reply to that comment.
By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.
Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn't too unlikely to happen again.
Let's re-write all currently existing software in Rust, then there will be no more security holes, and every computer will be safe forever.
Wait till bro find out the program written in the "memory safe language" depends on many libraries written in C
Everyone knows. There’s nothing to “find out”.
The problem is a huge codebase that no one understands.
major Wayland compositors are still written in C
KWin is written in C++ but yes, it's not a "safe" language.
something like this isn’t too unlikely to happen again.
With at least three mainstream implementations – KWin, Mutter, and wlroots – it's highly unlikely that all would ever be equally affected by one bug.