Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:3788-1

Опубликовано: 30 окт. 2024
Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

  • CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in _XkbSetCompatMap (bsc#1231565).

Список пакетов

Image SLES15-SP5-SAPCAL-Azure
xorg-x11-server-21.1.4-150500.7.29.1
xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
Image SLES15-SP5-SAPCAL-EC2
xorg-x11-server-21.1.4-150500.7.29.1
xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
Image SLES15-SP5-SAPCAL-GCE
xorg-x11-server-21.1.4-150500.7.29.1
xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
xorg-x11-server-21.1.4-150500.7.29.1
xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
xorg-x11-server-extra-21.1.4-150500.7.29.1
SUSE Linux Enterprise Module for Development Tools 15 SP5
xorg-x11-server-sdk-21.1.4-150500.7.29.1
openSUSE Leap 15.5
xorg-x11-server-21.1.4-150500.7.29.1
xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
xorg-x11-server-extra-21.1.4-150500.7.29.1
xorg-x11-server-sdk-21.1.4-150500.7.29.1
xorg-x11-server-source-21.1.4-150500.7.29.1

Ссылки

Описание

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

Затронутые продукты
Image SLES15-SP5-SAPCAL-Azure:xorg-x11-server-21.1.4-150500.7.29.1
Image SLES15-SP5-SAPCAL-Azure:xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
Image SLES15-SP5-SAPCAL-EC2:xorg-x11-server-21.1.4-150500.7.29.1
Image SLES15-SP5-SAPCAL-EC2:xorg-x11-server-Xvfb-21.1.4-150500.7.29.1
Ссылки