| Description |
| + |
Incorrect command-line parameter validation in the Xorg X server can lead to privilege elevation and/or arbitrary files overwrite, when the X server is installed with the setuid bit set and unprivileged users have the ability to log in to the system via physical console. |
| + |
|
| + |
The -modulepath argument can be used to specify an insecure path to modules that are going to be loaded in the X server, allowing to execute unprivileged code in the privileged process. |
| + |
|
| + |
The -logfile argument can be used to overwrite arbitrary files in the file system, due to incorrect checks in the parsing of the option. |
|