Описание
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
Пакеты
Пакет | Статус | Версия исправления | Релиз | Тип |
---|---|---|---|---|
xorg-server | fixed | 2:21.1.16-1.2 | package | |
xwayland | unfixed | package | ||
xwayland | ignored | bookworm | package |
Примечания
Fixed by: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4
EPSS
Связанные уязвимости
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
Уязвимость функции RecordSanityCheckRegisterClients() сервера X Window System Xorg-server, позволяющая нарушителю вызвать отказ в обслуживании
EPSS