CVE-2013-1940
Published: 17 April 2013
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
Priority
Status
Package | Release | Status |
---|---|---|
xorg-server Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(2:1.7.6-2ubuntu7.12)
|
|
oneiric |
Released
(2:1.10.4-1ubuntu4.5)
|
|
precise |
Released
(2:1.11.4-0ubuntu10.13)
|
|
quantal |
Released
(2:1.13.0-0ubuntu6.2)
|
|
upstream |
Released
(1.13.4)
|
|
Patches: other: https://bugs.freedesktop.org/attachment.cgi?id=77717 |
||
xorg-server-lts-quantal Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Released
(2:1.13.0-0ubuntu6.1~precise3)
|
|
quantal |
Does not exist
|
|
upstream |
Needs triage
|