Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections() (ZDI-CAN-16062) (bsc#1194179).
- CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators() (ZDI-CAN-16070) (bsc#1194181).
Список пакетов
Image SLES15-SP3-SAPCAL-Azure
xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-GCE
xorg-x11-server-1.20.3-150200.22.5.55.1
SUSE Enterprise Storage 7
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Module for Development Tools 15 SP3
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Server 15 SP2-BCL
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Server 15 SP2-LTSS
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Workstation Extension 15 SP3
xorg-x11-server-wayland-1.20.3-150200.22.5.55.1
SUSE Linux Enterprise Workstation Extension 15 SP4
xorg-x11-server-wayland-1.20.3-150200.22.5.55.1
SUSE Manager Proxy 4.1
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Manager Retail Branch Server 4.1
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
SUSE Manager Server 4.1
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
openSUSE Leap 15.3
xorg-x11-server-1.20.3-150200.22.5.55.1
xorg-x11-server-extra-1.20.3-150200.22.5.55.1
xorg-x11-server-sdk-1.20.3-150200.22.5.55.1
xorg-x11-server-source-1.20.3-150200.22.5.55.1
xorg-x11-server-wayland-1.20.3-150200.22.5.55.1
openSUSE Leap 15.4
xorg-x11-server-wayland-1.20.3-150200.22.5.55.1
Ссылки
- Link for SUSE-SU-2022:2375-1
- E-Mail link for SUSE-SU-2022:2375-1
- SUSE Security Ratings
- SUSE Bug 1194179
- SUSE Bug 1194181
- SUSE CVE CVE-2022-2319 page
- SUSE CVE CVE-2022-2320 page
Описание
A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.
Затронутые продукты
Image SLES15-SP3-SAPCAL-Azure:xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-GCE:xorg-x11-server-1.20.3-150200.22.5.55.1
SUSE Enterprise Storage 7:xorg-x11-server-1.20.3-150200.22.5.55.1
Ссылки
- CVE-2022-2319
- SUSE Bug 1194179
- SUSE Bug 1204093
- SUSE Bug 1205071
- SUSE Bug 1206243
Описание
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker to escalate privileges and execute arbitrary code in the context of root.
Затронутые продукты
Image SLES15-SP3-SAPCAL-Azure:xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-150200.22.5.55.1
Image SLES15-SP3-SAPCAL-GCE:xorg-x11-server-1.20.3-150200.22.5.55.1
SUSE Enterprise Storage 7:xorg-x11-server-1.20.3-150200.22.5.55.1
Ссылки
- CVE-2022-2320
- SUSE Bug 1194181
- SUSE Bug 1201793
- SUSE Bug 1204123
- SUSE Bug 1205071