1. Ubuntu Security Notices
  2. USN-7299-4

USN-7299-4: X.Org X Server regression

Publication date

17 March 2025

Overview

Several security issues were fixed in X.Org X Server.

Releases

Packages

Details

USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused
a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update
fix the regression and re-apply the fix for the CVE listed.

We apologize for the inconvenience.

Original advisory details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, or possibly execute
arbitrary code.

USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused
a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update
fix the regression and re-apply the fix for the CVE listed.

We apologize for the inconvenience.

Original advisory details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, or possibly execute
arbitrary code.

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
18.04 bionic xserver-xorg-core –  2:1.19.6-1ubuntu4.15+esm12  
xserver-xorg-core-hwe-18.04 –  2:1.20.8-2ubuntu2.2~18.04.11+esm4  
xwayland –  2:1.19.6-1ubuntu4.15+esm12  
xwayland-hwe-18.04 –  2:1.20.8-2ubuntu2.2~18.04.11+esm4  
16.04 xenial xserver-xorg-core –  2:1.18.4-0ubuntu0.12+esm17  
xserver-xorg-core-hwe-16.04 –  2:1.19.6-1ubuntu4.1~16.04.6+esm9  
xwayland –  2:1.18.4-0ubuntu0.12+esm17  
xwayland-hwe-16.04 –  2:1.19.6-1ubuntu4.1~16.04.6+esm9  

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›