X.org has issued an advisory on March 29:
https://lists.x.org/archives/xorg-announce/2023-March/003374.html

The issue is fixed upstream in x11-server 21.1.8 and xwayland 22.1.9:
https://lists.x.org/archives/xorg-announce/2023-March/003377.html
https://lists.x.org/archives/xorg-announce/2023-March/003375.html

Mageia 8 is also affected.

Depends on: (none) => 31523
Status comment: (none) => Fixed upstream in x11-server 21.1.8 and xwayland 22.1.9
Whiteboard: (none) => MGA8TOO

Debian and Ubuntu have issued advisories for this on March 29:
https://www.debian.org/security/2023/dsa-5380
https://ubuntu.com/security/notices/USN-5986-1

Fedora has issued an advisory for this today (March 30):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CB62PUAZRE2ZK6PDX6OZ2WSYXDJGBGTS/
Assigning to the registered maintainer of x11-server and x11-server-xwayland
Assignee: bugsquad => thierry.vignaud
CC: (none) => marja11
Suggested advisory:
========================

The updated packages fix a security vulnerability:

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. (CVE-2023-1393)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393
https://lists.x.org/archives/xorg-announce/2023-March/003374.html
https://www.debian.org/security/2023/dsa-5380
https://ubuntu.com/security/notices/USN-5986-1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CB62PUAZRE2ZK6PDX6OZ2WSYXDJGBGTS/
========================

Updated packages in core/updates_testing:
========================
x11-server-1.20.14-4.3.mga8
x11-server-common-1.20.14-4.3.mga8
x11-server-devel-1.20.14-4.3.mga8
x11-server-source-1.20.14-4.3.mga8
x11-server-xdmx-1.20.14-4.3.mga8
x11-server-xephyr-1.20.14-4.3.mga8
x11-server-xnest-1.20.14-4.3.mga8
x11-server-xorg-1.20.14-4.3.mga8
x11-server-xvfb-1.20.14-4.3.mga8
x11-server-xwayland-1.20.14-4.3.mga8

from SRPM:
x11-server-1.20.14-4.3.mga8.src.rpm
CC: (none) => nicolas.salguero
CVE: (none) => CVE-2023-1393
Status comment: Fixed upstream in x11-server 21.1.8 and xwayland 22.1.9 => (none)
Source RPM: x11-server-21.1.7-1.mga9.src.rpm, x11-server-xwayland-22.1.8-1.mga9.src.rpm => x11-server-1.20.14-4.2.mga8.src.rpm
Version: Cauldron => 8
Assignee: thierry.vignaud => qa-bugs
Status: NEW => ASSIGNED
Whiteboard: MGA8TOO => (none)
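The advisory text above describes a cached pointer in the CompScreen structure outliving the window it refers to. As an added illustration (a toy model written for this page, not X server code and not the upstream patch; `Window`, `Screen`, the slot pool and all function names are hypothetical), this C program shows that stale-reference pattern beside the form that clears the cached pointer on destroy, using a slot pool instead of `free()` so the stale state can be inspected safely:

```c
#include <stdbool.h>
#include <stddef.h>

/* Toy model, not X server source; every name here is hypothetical. */
#define POOL_SIZE 4

typedef struct Window {
    bool alive;        /* false once destroyed; stands in for freed memory */
    int id;
} Window;

/* The screen caches a pointer to its overlay window. */
typedef struct Screen { Window *overlay; } Screen;

static Window pool[POOL_SIZE];

static Window *window_create(int id) {
    for (size_t i = 0; i < POOL_SIZE; i++) {
        if (!pool[i].alive) {
            pool[i].alive = true;
            pool[i].id = id;
            return &pool[i];
        }
    }
    return NULL;
}

/* clear_cached=false models the flaw: the screen keeps pointing at w.
 * clear_cached=true drops the cached pointer before w goes away. */
static void window_destroy(Screen *s, Window *w, bool clear_cached) {
    if (clear_cached && s->overlay == w)
        s->overlay = NULL;
    w->alive = false;
}

/* True when the screen still references a destroyed window. */
static bool overlay_is_dangling(const Screen *s) {
    return s->overlay != NULL && !s->overlay->alive;
}

/* One create/destroy cycle; reports whether a stale pointer remains. */
static bool run_scenario(bool clear_cached) {
    Screen s = { NULL };
    s.overlay = window_create(1);
    if (s.overlay == NULL) return false;
    window_destroy(&s, s.overlay, clear_cached);
    return overlay_is_dangling(&s);
}

int main(void) { return (run_scenario(false) && !run_scenario(true)) ? 0 : 1; }
```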
Apparently tigervnc is also affected, yet again. Nicolas, can we take care of this one too?
https://access.redhat.com/errata/RHSA-2023:1592

mga8-64 test OK with Plasma, nvidia-current
Installed
rebooted, normal operation
Video in browser and as picture-in-picture.
VirtualBox running MSW7 guest.

CPU: i7-3770
GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display
Mainboard: Sabertooth P67
CC: (none) => fri
(In reply to David Walser from comment #5)
> Apparently tigervnc is also affected, yet again. Nicolas, can we take care
> of this one too?
> https://access.redhat.com/errata/RHSA-2023:1592

Fedora advisory for tigervnc:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/

Suggested advisory:
========================

The updated packages fix a security vulnerability:

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. (CVE-2023-1393)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393
https://lists.x.org/archives/xorg-announce/2023-March/003374.html
https://www.debian.org/security/2023/dsa-5380
https://ubuntu.com/security/notices/USN-5986-1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CB62PUAZRE2ZK6PDX6OZ2WSYXDJGBGTS/
https://access.redhat.com/errata/RHSA-2023:1592
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/
========================

Updated packages in core/updates_testing:
========================
x11-server-1.20.14-4.3.mga8
x11-server-common-1.20.14-4.3.mga8
x11-server-devel-1.20.14-4.3.mga8
x11-server-source-1.20.14-4.3.mga8
x11-server-xdmx-1.20.14-4.3.mga8
x11-server-xephyr-1.20.14-4.3.mga8
x11-server-xnest-1.20.14-4.3.mga8
x11-server-xorg-1.20.14-4.3.mga8
x11-server-xvfb-1.20.14-4.3.mga8
x11-server-xwayland-1.20.14-4.3.mga8
tigervnc-1.11.0-4.3.mga8
tigervnc-java-1.11.0-4.3.mga8
tigervnc-server-1.11.0-4.3.mga8
tigervnc-server-module-1.11.0-4.3.mga8

from SRPMS:
x11-server-1.20.14-4.3.mga8.src.rpm
tigervnc-1.11.0-4.3.mga8.src.rpm
Source RPM: x11-server-1.20.14-4.2.mga8.src.rpm => x11-server-1.20.14-4.2.mga8.src.rpm, tigervnc-1.11.0-4.2.mga8.src.rpm
MGA7-64 - Phys Hardware - AMD x3, 730GT, Plasma

The following 3 packages are going to be installed:

- x11-server-common-1.20.14-4.3.mga8.x86_64
- x11-server-xorg-1.20.14-4.3.mga8.x86_64
- x11-server-xwayland-1.20.14-4.3.mga8.x86_64

616B of additional disk space will be used

--- rebooted

I've spent about an hour running different apps on the machine. No apparent graphics issues on this box.

Working for me in Plasma.

TigerVNC - that requires me to use a separate "safe" instance to test on.
CC: (none) => brtians1
MGA8-64, Cinnamon, AMD x3, 730GT

installed same x11 server components
Attempted TigerVNC server

Everything installed fine.

TigerVNC - configuration challenges, but seems to run when triggered through systemctl.

Works for me.
CC: (none) => mageia
VBox Plasma

I am installing all of the X11 pieces, excluding tigervnc

The following 51 packages are going to be installed:

- lib64bsd-devel-0.10.0-2.mga8.x86_64
- lib64bz2-devel-1.0.8-2.mga8.x86_64
- lib64dri-drivers-21.3.9-1.mga8.x86_64
- lib64drm-devel-2.4.107-3.mga8.x86_64
- lib64expat-devel-2.2.10-1.mga8.x86_64
- lib64fontenc-devel-1.1.4-2.mga8.x86_64
- lib64freetype2-devel-2.10.4-2.mga8.x86_64
- lib64glapi-devel-21.3.9-1.mga8.x86_64
- lib64glapi0-21.3.9-1.mga8.x86_64
- lib64glesv1_cm1-1.3.2-16.mga8.x86_64
- lib64glvnd-devel-1.3.2-16.mga8.x86_64
- lib64kms1-2.4.107-3.mga8.x86_64
- lib64mesagl-devel-21.3.9-1.mga8.x86_64
- lib64mesagl1-21.3.9-1.mga8.x86_64
- lib64mesakhr-devel-21.3.9-1.mga8.x86_64
- lib64mesavulkan-drivers-21.3.9-1.mga8.x86_64
- lib64pciaccess-devel-0.16-2.mga8.x86_64
- lib64pixman-devel-0.40.0-1.mga8.x86_64
- lib64png-devel-1.6.37-2.mga8.x86_64
- lib64x11-devel-1.7.0-1.2.mga8.x86_64
- lib64xau-devel-1.0.9-2.mga8.x86_64
- lib64xcb-devel-1.14-1.mga8.x86_64
- lib64xcb-screensaver0-1.14-1.mga8.x86_64
- lib64xcb-xf86dri0-1.14-1.mga8.x86_64
- lib64xcb-xtest0-1.14-1.mga8.x86_64
- lib64xcb-xvmc0-1.14-1.mga8.x86_64
- lib64xdmcp-devel-1.1.3-2.mga8.x86_64
- lib64xext-devel-1.3.4-2.mga8.x86_64
- lib64xfixes-devel-5.0.3-3.mga8.x86_64
- lib64xfont2-devel-2.0.4-2.mga8.x86_64
- lib64xkbfile-devel-1.1.0-2.mga8.x86_64
- lib64xshmfence-devel-1.3-3.mga8.x86_64
- lib64xxf86vm-devel-1.1.4-4.mga8.x86_64
- lib64zlib-devel-1.2.11-9.mga8.x86_64
- libpthread-stubs-0.4-3.mga8.x86_64
- libstdc++-devel-10.3.0-2.mga8.x86_64
- libstdc++-python-devel-10.3.0-2.mga8.x86_64
- mesa-21.3.9-1.mga8.x86_64
- multiarch-utils-1.0.14-3.mga8.noarch
- valgrind-devel-3.16.1-10.mga8.x86_64
- x11-proto-devel-2020.1-2.mga8.noarch
- x11-server-1.20.14-4.3.mga8.x86_64
- x11-server-common-1.20.14-4.3.mga8.x86_64
- x11-server-devel-1.20.14-4.3.mga8.x86_64
- x11-server-source-1.20.14-4.3.mga8.noarch
- x11-server-xdmx-1.20.14-4.3.mga8.x86_64
- x11-server-xephyr-1.20.14-4.3.mga8.x86_64
- x11-server-xnest-1.20.14-4.3.mga8.x86_64
- x11-server-xorg-1.20.14-4.3.mga8.x86_64
- x11-server-xvfb-1.20.14-4.3.mga8.x86_64
- x11-server-xwayland-1.20.14-4.3.mga8.x86_64

60MB of additional disk space will be used.

Everything installed and the system is working. Note, I'm running this on Vbox running an MGA8 host that is also running the X11 updates.

Seems to be working for me.
Whiteboard: (none) => MGA8-64-OK
MGA8-32, vbox, mate

- x11-server-1.20.14-4.3.mga8.i586
- x11-server-common-1.20.14-4.3.mga8.i586
- x11-server-xdmx-1.20.14-4.3.mga8.i586
- x11-server-xnest-1.20.14-4.3.mga8.i586
- x11-server-xorg-1.20.14-4.3.mga8.i586
- x11-server-xvfb-1.20.14-4.3.mga8.i586
- x11-server-xwayland-1.20.14-4.3.mga8.i586

-- rebooted

tested with video (youtube).

working as expected.
Validating. Advisory in comment 8.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

CC: (none) => davidwhodgins
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2023-0131.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED