Bug#891208: xserver-xorg-core: write and execute memory regions
Package: xserver-xorg-core
Version: 2:1.19.6-1
Severity: normal
Dear Maintainer,
the Xorg process runs with one memory zone that has both write and execute permissions:
# grep rwxp /proc/$(pidof Xorg)/maps
7f4c2d5e8000-7f4c2d5e9000 rwxp 00000000 00:00 0
I see this in my 2 test systems, one with Intel GPU, the other with radeon GPU.
This is a problem because in case of a bug in the server, it might be use to inject code into its process.
The same problem does exist neither in Debian 9, nor in Ubuntu 17.10, nor in Ubuntu 18.04, nor in Fedora 27. It seems specific to Debian sid.
-- System Information:
Debian Release: buster/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.15.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages xserver-xorg-core depends on:
ii keyboard-configuration 1.178
ii libaudit1 1:2.8.2-1
ii libbsd0 0.8.7-1
ii libc6 2.27-0experimental0
ii libdbus-1-3 1.13.0-1
ii libdrm2 2.4.90-1
ii libegl1 1.0.0-2
ii libegl1-mesa 18.0.0~rc4-1
ii libepoxy0 1.4.3-1
ii libgbm1 18.0.0~rc4-1
ii libgcrypt20 1.8.2-1
ii libgl1 1.0.0-2
ii libpciaccess0 0.13.4-1+b2
ii libpixman-1-0 0.34.0-2
ii libselinux1 2.7-2+b1
ii libsystemd0 237-3
ii libudev1 237-3
ii libxau6 1:1.0.8-1+b2
ii libxdmcp6 1:1.1.2-3
ii libxfont2 1:2.0.1-4
ii libxshmfence1 1.2-1+b2
ii udev 237-3
ii xserver-common 2:1.19.6-1
Versions of packages xserver-xorg-core recommends:
ii libgl1-mesa-dri 18.0.0~rc4-1
ii libpam-systemd 237-3
Versions of packages xserver-xorg-core suggests:
ii xfonts-100dpi 1:1.0.4+nmu1
ii xfonts-75dpi 1:1.0.4+nmu1
ii xfonts-scalable 1:1.0.3-1.1
-- no debconf information
--
Laurent.
Reply to: