X.org is an implementation of the X Window System.
Several X.org libraries and X.org itself contain system calls to set*uid() functions, without checking their result.
Local users could deliberately exceed their assigned resource limits and elevate their privileges after an unsuccessful set*uid() system call. This requires resource limits to be enabled on the machine.
There is no known workaround at this time.
All X.Org xdm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xdm-1.0.4-r1"
All X.Org xinit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xinit-1.0.2-r6"
All X.Org xload users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xload-1.0.1-r1"
All X.Org xf86dga users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-apps/xf86dga-1.0.1-r1"
All X.Org users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-x11-6.9.0-r2"
All X.Org X servers users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.1.0-r1"
All X.Org X11 library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libx11-1.0.1-r1"
All X.Org xtrans library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/xtrans-1.0.1-r1"
All xterm users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-terms/xterm-215"
All users of the X11R6 libraries for emulation of 32bit x86 on amd64 should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-xlibs-7.0-r2"
Please note that the fixed packages have been available for most architectures since June 30th but the GLSA release was held up waiting for the remaining architectures.