Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190487)
- CVE-2021-4010: The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190488)
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. (bsc#1190489)
Список пакетов
Image SLES15-SP3-EC2-HVM
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-Azure
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-EC2-HVM
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-GCE
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAPCAL-Azure
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAPCAL-GCE
xorg-x11-server-1.20.3-22.5.42.1
SUSE Enterprise Storage 7
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
SUSE Linux Enterprise Module for Development Tools 15 SP3
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise Server 15 SP2-BCL
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise Server 15 SP2-LTSS
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Linux Enterprise Workstation Extension 15 SP3
xorg-x11-server-wayland-1.20.3-22.5.42.1
SUSE Manager Proxy 4.1
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Manager Retail Branch Server 4.1
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
SUSE Manager Server 4.1
xorg-x11-server-1.20.3-22.5.42.1
xorg-x11-server-extra-1.20.3-22.5.42.1
xorg-x11-server-sdk-1.20.3-22.5.42.1
Ссылки
- Link for SUSE-SU-2021:4136-1
- E-Mail link for SUSE-SU-2021:4136-1
- SUSE Security Ratings
- SUSE Bug 1190487
- SUSE Bug 1190488
- SUSE Bug 1190489
- SUSE CVE CVE-2021-4009 page
- SUSE CVE CVE-2021-4010 page
- SUSE CVE CVE-2021-4011 page
Описание
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые продукты
Image SLES15-SP3-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-Azure:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-GCE:xorg-x11-server-1.20.3-22.5.42.1
Ссылки
- CVE-2021-4009
- SUSE Bug 1190487
Описание
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые продукты
Image SLES15-SP3-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-Azure:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-GCE:xorg-x11-server-1.20.3-22.5.42.1
Ссылки
- CVE-2021-4010
- SUSE Bug 1190488
Описание
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые продукты
Image SLES15-SP3-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-Azure:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-EC2-HVM:xorg-x11-server-1.20.3-22.5.42.1
Image SLES15-SP3-SAP-GCE:xorg-x11-server-1.20.3-22.5.42.1
Ссылки
- CVE-2021-4011
- SUSE Bug 1190489
- SUSE Bug 1196656