Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
X.Org X Server 缓冲区错误漏洞
Vulnerability Description
X.Org X Server是X.org基金会的一款X Window系统显示服务器。 X.Org X Server存在缓冲区错误漏洞,该漏洞源于攻击者通过XTestFakeInput请求发送长度大于32字节的GenericEvents,则XTest扩展的XTestFakeInput请求的交换处理程序可能会破坏堆栈导致X server运行权限的系统上的本地权限提升,并导致ssh X转发会话的远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A