[USN-4905-1] X.Org X Server vulnerability

========================================================================== Ubuntu Security Notice USN-4905-1 April 13, 2021
xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS – Ubuntu 16.04 LTS
Summary:
X.Org X Server could be made to crash or run programs if it received specially crafted input.
Software Description: – xorg-server: X.Org X11 server – xorg-server-hwe-18.04: X.Org X11 server – xorg-server-hwe-16.04: X.Org X11 server
Details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: xserver-xorg-core 2:1.20.9-2ubuntu1.3
Ubuntu 20.04 LTS: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.2
Ubuntu 18.04 LTS: xserver-xorg-core 2:1.19.6-1ubuntu4.9 xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.5
Ubuntu 16.04 LTS: xserver-xorg-core 2:1.18.4-0ubuntu0.12 xserver-xorg-core-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6
After a standard system update you need to reboot your computer to make all the necessary changes.
References: ubuntu.com/security/notices/USN-4905-1 CVE-2021-3472
Package Information: launchpad.net/ubuntu/+source/xorg-server/2:1.20.9-2ubuntu1.3 launchpad.net/ubuntu/+source/xorg-server/2:1.20.9-2ubuntu1.2~20.04.2 launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.9
launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.5 launchpad.net/ubuntu/+source/xorg-server/2:1.18.4-0ubuntu0.12
launchpad.net/ubuntu/+source/xorg-server-hwe-16.04/2:1.19.6-1ubuntu4.1~16.04.6