Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:14553-1

Опубликовано: 01 дек. 2020
Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

  • CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596).
  • CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
xorg-x11-Xvnc-7.4-27.122.37.1
xorg-x11-server-7.4-27.122.37.1
xorg-x11-server-extra-7.4-27.122.37.1
SUSE Linux Enterprise Server 11 SP4-LTSS
xorg-x11-Xvnc-7.4-27.122.37.1
xorg-x11-server-7.4-27.122.37.1
xorg-x11-server-extra-7.4-27.122.37.1

Ссылки

Описание

A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-Xvnc-7.4-27.122.37.1
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-server-7.4-27.122.37.1
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-server-extra-7.4-27.122.37.1
SUSE Linux Enterprise Server 11 SP4-LTSS:xorg-x11-Xvnc-7.4-27.122.37.1
Ссылки

Описание

A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-Xvnc-7.4-27.122.37.1
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-server-7.4-27.122.37.1
SUSE Linux Enterprise Point of Sale 11 SP3:xorg-x11-server-extra-7.4-27.122.37.1
SUSE Linux Enterprise Server 11 SP4-LTSS:xorg-x11-Xvnc-7.4-27.122.37.1
Ссылки