In association with heise online

30 August 2006, 10:54

Privilege escalation in server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

As has only recently been announced, the developers of X server from have released patches which fix a security vulnerability which allowed users to escalate their privileges. The problem affects X server running under Linux.

With Linux kernel versions 2.6x, a setuid() call can fail as a result of the standard limit on the number of processes for one user. If the return value of the setuid() call is not checked, a called program can then run as the user root. server versions 6.7.0 to 7.1 are affected, plus possibly older X11R6 releases. These are, however, no longer supported. The developers provide links to the patches for the supported server versions in a security bulletin.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit