Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15-ESPOS
xorg-x11-server-1.19.6-150000.8.42.1
xorg-x11-server-extra-1.19.6-150000.8.42.1
xorg-x11-server-sdk-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
xorg-x11-server-1.19.6-150000.8.42.1
xorg-x11-server-extra-1.19.6-150000.8.42.1
xorg-x11-server-sdk-1.19.6-150000.8.42.1
SUSE Linux Enterprise Server 15-LTSS
xorg-x11-server-1.19.6-150000.8.42.1
xorg-x11-server-extra-1.19.6-150000.8.42.1
xorg-x11-server-sdk-1.19.6-150000.8.42.1
SUSE Linux Enterprise Server for SAP Applications 15
xorg-x11-server-1.19.6-150000.8.42.1
xorg-x11-server-extra-1.19.6-150000.8.42.1
xorg-x11-server-sdk-1.19.6-150000.8.42.1
Ссылки
- Link for SUSE-SU-2022:3850-1
- E-Mail link for SUSE-SU-2022:3850-1
- SUSE Security Ratings
- SUSE Bug 1204412
- SUSE Bug 1204416
- SUSE CVE CVE-2022-3550 page
- SUSE CVE CVE-2022-3551 page
Описание
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-extra-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-sdk-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-LTSS:xorg-x11-server-1.19.6-150000.8.42.1
Ссылки
- CVE-2022-3550
- SUSE Bug 1204412
- SUSE Bug 1204808
- SUSE Bug 1205071
- SUSE Bug 1206243
- SUSE Bug 1208344
- SUSE Bug 1209331
Описание
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-extra-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS:xorg-x11-server-sdk-1.19.6-150000.8.42.1
SUSE Linux Enterprise High Performance Computing 15-LTSS:xorg-x11-server-1.19.6-150000.8.42.1
Ссылки
- CVE-2022-3551
- SUSE Bug 1204416