Описание
Security update for libX11
This update for libX11 fixes the following issues:
- CVE-2023-43786: Fixed stack exhaustion from infinite recursion in PutSubImage() (bsc#1215684).
- CVE-2023-43787: Fixed integer overflow in XCreateImage() leading to a heap overflow (bsc#1215685).
- CVE-2023-43785: Fixed out-of-bounds memory access in _XkbReadKeySyms() (bsc#1215683).
Список пакетов
Image SLES12-SP5-Azure-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-HPC-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-HPC-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-SAP-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-Azure-SAP-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-Azure-Standard-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-EC2-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-EC2-ECS-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-EC2-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-EC2-SAP-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-EC2-SAP-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-GCE-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-GCE-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
Image SLES12-SP5-GCE-SAP-BYOS
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-GCE-SAP-On-Demand
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libX11-6-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
SUSE Linux Enterprise Server 12 SP5
libX11-6-1.6.2-12.33.1
libX11-6-32bit-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
libX11-xcb1-32bit-1.6.2-12.33.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libX11-6-1.6.2-12.33.1
libX11-6-32bit-1.6.2-12.33.1
libX11-data-1.6.2-12.33.1
libX11-xcb1-1.6.2-12.33.1
libX11-xcb1-32bit-1.6.2-12.33.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libX11-devel-1.6.2-12.33.1
Ссылки
- Link for SUSE-SU-2023:3989-1
- E-Mail link for SUSE-SU-2023:3989-1
- SUSE Security Ratings
- SUSE Bug 1215683
- SUSE Bug 1215684
- SUSE Bug 1215685
- SUSE CVE CVE-2023-43785 page
- SUSE CVE CVE-2023-43786 page
- SUSE CVE CVE-2023-43787 page
Описание
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-BYOS:libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-data-1.6.2-12.33.1
Ссылки
- CVE-2023-43785
- SUSE Bug 1215683
Описание
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-BYOS:libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-data-1.6.2-12.33.1
Ссылки
- CVE-2023-43786
- SUSE Bug 1215682
- SUSE Bug 1215684
Описание
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-BYOS:libX11-data-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-6-1.6.2-12.33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libX11-data-1.6.2-12.33.1
Ссылки
- CVE-2023-43787
- SUSE Bug 1215682
- SUSE Bug 1215685