exploitDog

SUSE-SU-2022:2369-1

Published: 12 Jul 2022
Source: suse-cvrf

Description

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

  • CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections() (ZDI-CAN-16062) (bsc#1194179).
  • CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators() (ZDI-CAN-16070) (bsc#1194181).

Package list

SUSE Linux Enterprise Server 12 SP4-LTSS
xorg-x11-server-1.19.6-4.31.1
xorg-x11-server-extra-1.19.6-4.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
xorg-x11-server-1.19.6-4.31.1
xorg-x11-server-extra-1.19.6-4.31.1
SUSE OpenStack Cloud 9
xorg-x11-server-1.19.6-4.31.1
xorg-x11-server-extra-1.19.6-4.31.1
SUSE OpenStack Cloud Crowbar 9
xorg-x11-server-1.19.6-4.31.1
xorg-x11-server-extra-1.19.6-4.31.1

Description

A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.


Affected products
SUSE Linux Enterprise Server 12 SP4-LTSS:xorg-x11-server-1.19.6-4.31.1
SUSE Linux Enterprise Server 12 SP4-LTSS:xorg-x11-server-extra-1.19.6-4.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:xorg-x11-server-1.19.6-4.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:xorg-x11-server-extra-1.19.6-4.31.1

References

Description

A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.


Affected products
SUSE Linux Enterprise Server 12 SP4-LTSS:xorg-x11-server-1.19.6-4.31.1
SUSE Linux Enterprise Server 12 SP4-LTSS:xorg-x11-server-extra-1.19.6-4.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:xorg-x11-server-1.19.6-4.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:xorg-x11-server-extra-1.19.6-4.31.1

References
Vulnerability SUSE-SU-2022:2369-1