Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:4122-1

Опубликовано: 20 дек. 2021
Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

  • CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190487)
  • CVE-2021-4010: The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190488)
  • CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. (bsc#1190489)

Список пакетов

Image SLES15-SP1-SAPCAL-Azure
xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-EC2-HVM
xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-GCE
xorg-x11-server-1.20.3-14.5.22.1
SUSE Enterprise Storage 6
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1
SUSE Linux Enterprise Server 15 SP1-BCL
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1
SUSE Linux Enterprise Server 15 SP1-LTSS
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
xorg-x11-server-1.20.3-14.5.22.1
xorg-x11-server-extra-1.20.3-14.5.22.1
xorg-x11-server-sdk-1.20.3-14.5.22.1

Ссылки

Описание

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-14.5.22.1
SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1
Ссылки

Описание

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-14.5.22.1
SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1
Ссылки

Описание

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты
Image SLES15-SP1-SAPCAL-Azure:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-14.5.22.1
Image SLES15-SP1-SAPCAL-GCE:xorg-x11-server-1.20.3-14.5.22.1
SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1
Ссылки
Уязвимость SUSE-SU-2021:4122-1