Summary: | <x11-base/xorg-server-1.20.3: Incorrect permission check in Xorg X server allows for privilege escalation (CVE-2018-14665)
---|---
Product: | Gentoo Security
Component: | Vulnerabilities
Status: | RESOLVED FIXED
Severity: | critical
Priority: | Normal
Version: | unspecified
Hardware: | All
OS: | Linux
Reporter: | Matt Turner <mattst88>
Assignee: | Gentoo Security <security>
CC: | vk-gentoo-bugs, x11
Keywords: | STABLEREQ
Flags: | stable-bot: sanity-check+
URL: | https://lists.x.org/archives/xorg-announce/2018-October/002927.html
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=673392 https://bugs.gentoo.org/show_bug.cgi?id=673490
Whiteboard: | A1 [glsa+ cve stable]
Runtime testing required: | ---
Bug Depends on: | 669812, 670068
Bug Blocks: | 668900

Package list:

x11-base/xorg-drivers-1.20 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
x11-base/xorg-server-1.20.3 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
x11-drivers/xf86-input-libinput-0.28.1 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
x11-drivers/xf86-video-amdgpu-18.1.0 amd64 x86
x11-drivers/xf86-video-ati-18.1.0 alpha amd64 ia64 ppc ppc64 sparc x86
x11-drivers/xf86-video-r128-6.12.0 alpha amd64 ia64 ppc ppc64 sparc x86

Description
Matt Turner
2018-10-25 15:39:51 UTC
amd64 stable

*** Bug 669626 has been marked as a duplicate of this bug. ***

Created attachment 553046
Add a setuid knob to control +s on /usr/bin/Xorg, on by default for backwards compat

Derp... see attachment.

Please consider adding this or something like it to the ebuild, so that Gentoo admins can choose to set USE=-setuid to avoid chmod +s on /usr/bin/Xorg. Setuid is only required when not using a launcher like xdm, gdm, lightdm. We currently force it on unless systemd is in use. This patch leaves the current behavior as the default, but allows admins to prevent setuid Xorg, to avoid this and similar future issues.

Let me know if this should be a separate bug instead (don't know if this will be controversial during the stabilization process?).

(In reply to Hank Leininger from comment #4)
> Derp... see attachment.
>
> Please consider adding this or something like it to the ebuild, so that
> Gentoo admins can choose to set USE=-setuid to avoid chmod +s on
> /usr/bin/Xorg. Setuid is only required when not using a launcher like xdm,
> gdm, lightdm. We currently force it on unless systemd is in use. This
> patch leaves the current behavior as the default, but allows admins to
> prevent setuid Xorg, to avoid this and similar future issues.
>
> Let me know if this should be a separate bug instead (don't know if this
> will be controversial during the stabilization process?).

Yes, let's please do this as a separate bug.

(In reply to Matt Turner from comment #5)
> (In reply to Hank Leininger from comment #4)
> >
> > Please consider adding this or something like it to the ebuild, so that
> > Gentoo admins can choose to set USE=-setuid to avoid chmod +s on
[snip]
> > Let me know if this should be a separate bug instead (don't know if this
>
> Yes, let's please do this as a separate bug.

Thanks, done: bug 669648

x86 stable

ppc/ppc64 stable

ia64 stable

sparc stable

hppa stable

alpha stable

New GLSA request filed.

This issue was resolved and addressed in GLSA 201810-09 at https://security.gentoo.org/glsa/201810-09 by GLSA coordinator Thomas Deutschmann (whissi).

Re-opening for remaining architecture.

arm stable, all arches done.

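A local check for the exposure this bug tracks, as an added example that is not part of the bug report or the attached ebuild patch: it reports whether an Xorg binary carries the setuid bit and whether its version is older than the fixed 1.20.3. The function names, the result labels and the parsing of the `Xorg -version` banner are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Gentoo's or X.Org's code): audit an Xorg binary for the
# combination this bug is about: setuid bit set and version below 1.20.3.
FIXED_VERSION="1.20.3"   # first fixed version, taken from the bug summary

# True when version $1 sorts strictly before version $2 (relies on sort -V).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# classify_xorg PATH VERSION -> exposed | outdated | patched-setuid | ok
# Only the setuid mode bit is tested; file ownership is not checked.
classify_xorg() {
    xorg_bin=$1
    xorg_ver=$2
    if [ -u "$xorg_bin" ]; then suid=yes; else suid=no; fi
    if version_lt "$xorg_ver" "$FIXED_VERSION"; then
        # Older than the fix: setuid decides whether it is reachable as root.
        if [ "$suid" = yes ]; then echo "exposed"; else echo "outdated"; fi
    else
        # Fixed release: a remaining setuid bit is still worth reviewing when
        # a display manager (xdm, gdm, lightdm) starts the server.
        if [ "$suid" = yes ]; then echo "patched-setuid"; else echo "ok"; fi
    fi
}

# Audit the installed server if there is one. The banner format
# "X.Org X Server <version>" is an assumption about `Xorg -version` output.
XORG=/usr/bin/Xorg
if [ -x "$XORG" ]; then
    installed=$("$XORG" -version 2>&1 |
        sed -n 's/^X\.Org X Server \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    if [ -n "$installed" ]; then
        echo "$XORG $installed: $(classify_xorg "$XORG" "$installed")"
    else
        echo "$XORG: could not determine version" >&2
    fi
fi
```

A result of `patched-setuid` on a host that always starts X through a display manager is the case the proposed USE=-setuid knob is meant to remove.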
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7de9593c7863f6af2de82de65c31778b4f1ece81

commit 7de9593c7863f6af2de82de65c31778b4f1ece81
Author: Jeroen Roovers <jer@gentoo.org>
AuthorDate: 2018-12-16 22:25:12 +0000
Commit: Jeroen Roovers <jer@gentoo.org>
CommitDate: 2018-12-16 22:26:26 +0000

    profiles/package.mask: Mask =x11-drivers/nvidia-drivers-304*

    Bug: https://bugs.gentoo.org/669588
    Signed-off-by: Jeroen Roovers <jer@gentoo.org>

 profiles/package.mask | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=96acbebb9da80d6eae805b839c8e79f967cd344b

commit 96acbebb9da80d6eae805b839c8e79f967cd344b
Author: Jeroen Roovers <jer@gentoo.org>
AuthorDate: 2018-12-16 22:38:15 +0000
Commit: Jeroen Roovers <jer@gentoo.org>
CommitDate: 2018-12-16 22:39:25 +0000

    profiles/package.mask: Clarify x11-drivers/nvidia-drivers masking

    Bug: https://bugs.gentoo.org/669588
    Signed-off-by: Jeroen Roovers <jer@gentoo.org>

 profiles/package.mask | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0558012b9259494dc3aaed5fb563cba1bc50de53

commit 0558012b9259494dc3aaed5fb563cba1bc50de53
Author: Matt Turner <mattst88@gentoo.org>
AuthorDate: 2018-12-17 20:30:17 +0000
Commit: Matt Turner <mattst88@gentoo.org>
CommitDate: 2018-12-17 20:34:14 +0000

    profiles: Mask <x11-base/xorg-server-1.20.3

    Bug: https://bugs.gentoo.org/669588
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 profiles/package.mask | 2 ++
 1 file changed, 2 insertions(+)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb22dfef2d7c2ae67f092cbbdd9a0631ca609f56

commit eb22dfef2d7c2ae67f092cbbdd9a0631ca609f56
Author: Jeroen Roovers <jer@gentoo.org>
AuthorDate: 2019-01-16 09:59:29 +0000
Commit: Jeroen Roovers <jer@gentoo.org>
CommitDate: 2019-01-16 10:00:43 +0000

    x11-drivers/nvidia-drivers: Drop unmaintained branches

    Bug: https://bugs.gentoo.org/669588
    Closes: https://bugs.gentoo.org/673392
    Closes: https://bugs.gentoo.org/673490
    Package-Manager: Portage-2.3.56, Repoman-2.3.12
    Signed-off-by: Jeroen Roovers <jer@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest | 38 --
 .../files/nvidia-drivers-375.82-profiles-rc.patch | 11 -
 .../files/nvidia-drivers-pax-const.patch | 17 -
 .../files/nvidia-drivers-pax-usercopy.patch | 54 --
 .../nvidia-drivers/nvidia-drivers-304.137.ebuild | 499 ------------------
 .../nvidia-drivers/nvidia-drivers-375.82.ebuild | 569 --------------------
 .../nvidia-drivers/nvidia-drivers-378.13-r1.ebuild | 572 --------------------
 .../nvidia-drivers/nvidia-drivers-381.22-r1.ebuild | 573 --------------------
 .../nvidia-drivers/nvidia-drivers-384.130.ebuild | 581 --------------------
 .../nvidia-drivers/nvidia-drivers-387.34.ebuild | 586 ---------------------
 .../nvidia-drivers/nvidia-drivers-396.54.ebuild | 581 --------------------
 11 files changed, 4081 deletions(-)