update your X. And XWayland too
Possible local privilege escalation ( X as root ) or remote code execution ( X over SSH ) :(
Question: can a desktop application that displays images from the net ( web browser, rss reader, mail client ) be leveraged by a remote attacker to exploit this?
https://www.phoronix.com/news/X.Org-CVE-2024-9632
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://feedly.com/cve/CVE-2024-9632
#X #CVE-2024-9632 #CVE #InfoSec #XWayland #XOverSSH #SSH
FLOX Advocate /
npub1tz…d5m58
2024-10-30 07:24:10
Author Public Key
npub1tz5psepdnf0yrs32sa9csta3dz62y03aepxtjvwdewxy4u2egwhqyd5m58Seen on
wss://relay.nostr.bandPublished at
2024-10-30 07:24:10Event JSON
{
"id": "accd169c5181030636ade023d845f45bd2e9015d9d6b17df9171cc6d6b678283",
"pubkey": "58a818642d9a5e41c22a874b882fb168b4a23e3dc84cb931cdcb8c4af15943ae",
"created_at": 1730273050,
"kind": 1,
"tags": [
[
"t",
"x"
],
[
"t",
"CVE"
],
[
"t",
"infosec"
],
[
"t",
"xwayland"
],
[
"t",
"xoverssh"
],
[
"t",
"SSH"
],
[
"proxy",
"https://floss.social/users/FLOX_advocate/statuses/113395174620163216",
"activitypub"
]
],
"content": "update your X. And XWayland too\n\nPossible local privilege escalation ( X as root ) or remote code execution ( X over SSH ) :(\n\nQuestion: can a desktop application that displays images from the net ( web browser, rss reader, mail client ) be leveraged by a remote attacker to exploit this?\n\nhttps://www.phoronix.com/news/X.Org-CVE-2024-9632\n\nhttps://lists.x.org/archives/xorg-announce/2024-October/003545.html\n\nhttps://feedly.com/cve/CVE-2024-9632\n\n#X #CVE-2024-9632 #CVE #InfoSec #XWayland #XOverSSH #SSH",
"sig": "09cf8126dbecbb31c256355483651f4b551dcd3b7f5b55ec7c0be72dcc52f816bd9690535c7b3f79c453c328dc6ba0e62a40bc6df0769c702fefa01ec3bf4404"
}