VDB
CNVD-2018-21933
CNVD-2018-21933
PUBLISHED
xorg-x11-server是多个厂商操作系统中所捆绑的X窗口系统显示服务器。 xorg-x11-server 1.20.3之前版本中存在安全漏洞。本地攻击者可利用该漏洞提升权限,进而以root权限运行任意代码。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Oct 25, 2018 CVE Published
- Oct 29, 2018 PoC Published
- Nov 22, 2018 PoC Published
- Nov 26, 2018 PoC Published
- Oct 22, 2019 PoC Published
- Nov 11, 2019 PoC Published
- Nov 20, 2019 PoC Published
- Feb 6, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Apr 17, 2026 Distribution Patch
- Apr 17, 2026 Distribution Patch
- Apr 17, 2026 Security Advisory
References
- 45742 exploit
- [xorg-announce] 20181025 X.Org security advisory: October 25, 2018 mailing-list
- 45922 exploit
- USN-3802-1 vendor-advisory
- https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e url
- 45697 exploit
- RHSA-2018:3410 vendor-advisory
- 105741 vdb
- 45908 exploit
- https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html url
- 46142 exploit
- GLSA-201810-09 vendor-advisory
- 1041948 vdb
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665 url
- 45832 exploit
- https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170 url
- 45938 exploit
- DSA-4328 vendor-advisory
- http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html url
- http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html url