Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections() (ZDI-CAN-16062) (bsc#1194179).
- CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators() (ZDI-CAN-16070) (bsc#1194181).
- Fix Xserver crash on keyboard remapping (bsc#1200076)
Список пакетов
Image SLES15-SP4-SAP
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-Azure
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-EC2
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-GCE
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAPCAL
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAPCAL-Azure
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAPCAL-EC2
xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAPCAL-GCE
xorg-x11-server-1.20.3-150400.38.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
xorg-x11-server-1.20.3-150400.38.5.1
xorg-x11-server-extra-1.20.3-150400.38.5.1
SUSE Linux Enterprise Module for Development Tools 15 SP4
xorg-x11-server-sdk-1.20.3-150400.38.5.1
openSUSE Leap 15.4
xorg-x11-server-1.20.3-150400.38.5.1
xorg-x11-server-extra-1.20.3-150400.38.5.1
xorg-x11-server-sdk-1.20.3-150400.38.5.1
xorg-x11-server-source-1.20.3-150400.38.5.1
Ссылки
- Link for SUSE-SU-2022:2370-1
- E-Mail link for SUSE-SU-2022:2370-1
- SUSE Security Ratings
- SUSE Bug 1194179
- SUSE Bug 1194181
- SUSE Bug 1200076
- SUSE Bug 574
- SUSE CVE CVE-2022-2319 page
- SUSE CVE CVE-2022-2320 page
Описание
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
Затронутые продукты
Image SLES15-SP4-SAP-Azure:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-EC2:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-GCE:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP:xorg-x11-server-1.20.3-150400.38.5.1
Ссылки
- CVE-2022-2319
- SUSE Bug 1194179
- SUSE Bug 1204093
- SUSE Bug 1205071
- SUSE Bug 1206243
Описание
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
Затронутые продукты
Image SLES15-SP4-SAP-Azure:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-EC2:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP-GCE:xorg-x11-server-1.20.3-150400.38.5.1
Image SLES15-SP4-SAP:xorg-x11-server-1.20.3-150400.38.5.1
Ссылки
- CVE-2022-2320
- SUSE Bug 1194181
- SUSE Bug 1201793
- SUSE Bug 1204123
- SUSE Bug 1205071