Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190487)
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. (bsc#1190489)
Список пакетов
HPE Helion OpenStack 8
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP2-BCL
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP3-BCL
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP3-LTSS
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE OpenStack Cloud 8
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE OpenStack Cloud Crowbar 8
xorg-x11-server-7.6_1.18.3-76.46.1
xorg-x11-server-extra-7.6_1.18.3-76.46.1
Ссылки
- Link for SUSE-SU-2021:4124-1
- E-Mail link for SUSE-SU-2021:4124-1
- SUSE Security Ratings
- SUSE Bug 1190487
- SUSE Bug 1190489
- SUSE CVE CVE-2021-4009 page
- SUSE CVE CVE-2021-4011 page
Описание
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые продукты
HPE Helion OpenStack 8:xorg-x11-server-7.6_1.18.3-76.46.1
HPE Helion OpenStack 8:xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-extra-7.6_1.18.3-76.46.1
Ссылки
- CVE-2021-4009
- SUSE Bug 1190487
Описание
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые продукты
HPE Helion OpenStack 8:xorg-x11-server-7.6_1.18.3-76.46.1
HPE Helion OpenStack 8:xorg-x11-server-extra-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-7.6_1.18.3-76.46.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-extra-7.6_1.18.3-76.46.1
Ссылки
- CVE-2021-4011
- SUSE Bug 1190489
- SUSE Bug 1196656