SUSE-SU-2023:4926-1

Опубликовано: 20 дек. 2023

Источник: suse-cvrf

Описание

Security update for xwayland

This update for xwayland fixes the following issues:

CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions (bsc#1217765).

Список пакетов

SUSE Linux Enterprise Workstation Extension 15 SP4

xwayland-21.1.4-150400.3.26.1

openSUSE Leap 15.4

xwayland-21.1.4-150400.3.26.1

xwayland-devel-21.1.4-150400.3.26.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20234926-1/
Link for SUSE-SU-2023:4926-1
https://lists.suse.com/pipermail/sle-security-updates/2023-December/017495.html
E-Mail link for SUSE-SU-2023:4926-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1217765
SUSE Bug 1217765
https://www.suse.com/security/cve/CVE-2023-6377/
SUSE CVE CVE-2023-6377 page

Описание

A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.

Затронутые продукты

SUSE Linux Enterprise Workstation Extension 15 SP4:xwayland-21.1.4-150400.3.26.1

openSUSE Leap 15.4:xwayland-21.1.4-150400.3.26.1

openSUSE Leap 15.4:xwayland-devel-21.1.4-150400.3.26.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-6377.html
CVE-2023-6377
https://bugzilla.suse.com/1217765
SUSE Bug 1217765
https://bugzilla.suse.com/1221590
SUSE Bug 1221590

SUSE-SU-2023:4926-1

Описание

Список пакетов

SUSE Linux Enterprise Workstation Extension 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-6377

Описание

Затронутые продукты

Ссылки