Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in _XkbSetCompatMap (bsc#1231565).
Список пакетов
Image SLES15-SP3-SAPCAL-Azure
xorg-x11-server-1.20.3-150200.22.5.99.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xorg-x11-server-1.20.3-150200.22.5.99.1
Image SLES15-SP3-SAPCAL-GCE
xorg-x11-server-1.20.3-150200.22.5.99.1
SUSE Enterprise Storage 7.1
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Server 15 SP2-LTSS
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Server 15 SP3-LTSS
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
xorg-x11-server-1.20.3-150200.22.5.99.1
xorg-x11-server-extra-1.20.3-150200.22.5.99.1
xorg-x11-server-sdk-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Workstation Extension 15 SP5
xorg-x11-server-wayland-1.20.3-150200.22.5.99.1
SUSE Linux Enterprise Workstation Extension 15 SP6
xorg-x11-server-wayland-1.20.3-150200.22.5.99.1
Ссылки
- Link for SUSE-SU-2024:3867-1
- E-Mail link for SUSE-SU-2024:3867-1
- SUSE Security Ratings
- SUSE Bug 1231565
- SUSE CVE CVE-2024-9632 page
Описание
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
Затронутые продукты
Image SLES15-SP3-SAPCAL-Azure:xorg-x11-server-1.20.3-150200.22.5.99.1
Image SLES15-SP3-SAPCAL-EC2-HVM:xorg-x11-server-1.20.3-150200.22.5.99.1
Image SLES15-SP3-SAPCAL-GCE:xorg-x11-server-1.20.3-150200.22.5.99.1
SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.99.1
Ссылки
- CVE-2024-9632
- SUSE Bug 1231565