Privilege escalation in X.org server
As has only recently been announced, the developers of X server from X.org have released patches which fix a security vulnerability which allowed users to escalate their privileges. The problem affects X server running under Linux.
With Linux kernel versions 2.6x, a setuid() call can fail as a result of the standard limit on the number of processes for one user. If the return value of the setuid() call is not checked, a called program can then run as the user root.
X.org server versions 6.7.0 to 7.1 are affected, plus possibly older X11R6 releases. These are, however, no longer supported. The developers provide links to the patches for the supported server versions in a security bulletin.
- setuid return value check problems, security bulletin from the X.org developers