Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:3840-1

Опубликовано: 01 нояб. 2022
Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

  • CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
  • CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL
xorg-x11-server-7.6_1.18.3-76.52.1
xorg-x11-server-extra-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP3-BCL
xorg-x11-server-7.6_1.18.3-76.52.1
xorg-x11-server-extra-7.6_1.18.3-76.52.1

Ссылки

Описание

A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-extra-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP3-BCL:xorg-x11-server-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP3-BCL:xorg-x11-server-extra-7.6_1.18.3-76.52.1
Ссылки

Описание

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP2-BCL:xorg-x11-server-extra-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP3-BCL:xorg-x11-server-7.6_1.18.3-76.52.1
SUSE Linux Enterprise Server 12 SP3-BCL:xorg-x11-server-extra-7.6_1.18.3-76.52.1
Ссылки