Wind River Support Network

HomeDefectsLIN6-5245

Fixed

LIN6-5245 : Security Advisory - x.org-xserver - CVE-2013-1940

Created: Jun 2, 2013 Updated: Dec 3, 2018

Resolved Date: Jun 23, 2014

Previous ID: LIN3-20275

Found In Version: 6.0

Fix Version: 6.0.0.9

Severity: Low

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1940

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38