Описание
Security update for xwayland
This update for xwayland fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).
Список пакетов
SUSE Linux Enterprise Workstation Extension 15 SP4
xwayland-21.1.4-150400.3.3.1
openSUSE Leap 15.4
xwayland-21.1.4-150400.3.3.1
xwayland-devel-21.1.4-150400.3.3.1
Ссылки
- Link for SUSE-SU-2022:3941-1
- E-Mail link for SUSE-SU-2022:3941-1
- SUSE Security Ratings
- SUSE Bug 1204412
- SUSE Bug 1204416
- SUSE CVE CVE-2022-3550 page
- SUSE CVE CVE-2022-3551 page
Описание
A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP4:xwayland-21.1.4-150400.3.3.1
openSUSE Leap 15.4:xwayland-21.1.4-150400.3.3.1
openSUSE Leap 15.4:xwayland-devel-21.1.4-150400.3.3.1
Ссылки
- CVE-2022-3550
- SUSE Bug 1204412
- SUSE Bug 1204808
- SUSE Bug 1205071
- SUSE Bug 1206243
- SUSE Bug 1208344
- SUSE Bug 1209331
Описание
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP4:xwayland-21.1.4-150400.3.3.1
openSUSE Leap 15.4:xwayland-21.1.4-150400.3.3.1
openSUSE Leap 15.4:xwayland-devel-21.1.4-150400.3.3.1
Ссылки
- CVE-2022-3551
- SUSE Bug 1204416