CVE-2018-144665 refers to "An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges." Here's the link to Matthew Hickey's tweet that shows the exploit. I'm not … Continue reading A Broader Issue Exposed by CVE-2018-14665 →