Описание
Security update for libxkbfile
This update for libxkbfile fixes the following issues:
- CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText() (bsc#1237429).
Список пакетов
Image SLES12-SP5-EC2-SAP-BYOS
libxkbfile1-1.0.8-12.3.1
Image SLES12-SP5-EC2-SAP-On-Demand
libxkbfile1-1.0.8-12.3.1
SUSE Linux Enterprise Server 12 SP5-LTSS
libxkbfile-devel-1.0.8-12.3.1
libxkbfile1-1.0.8-12.3.1
libxkbfile1-32bit-1.0.8-12.3.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libxkbfile-devel-1.0.8-12.3.1
libxkbfile1-1.0.8-12.3.1
libxkbfile1-32bit-1.0.8-12.3.1
Ссылки
- Link for SUSE-SU-2025:0818-1
- E-Mail link for SUSE-SU-2025:0818-1
- SUSE Security Ratings
- SUSE Bug 1237429
- SUSE CVE CVE-2025-26595 page
Описание
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
Затронутые продукты
Image SLES12-SP5-EC2-SAP-BYOS:libxkbfile1-1.0.8-12.3.1
Image SLES12-SP5-EC2-SAP-On-Demand:libxkbfile1-1.0.8-12.3.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libxkbfile-devel-1.0.8-12.3.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libxkbfile1-1.0.8-12.3.1
Ссылки
- CVE-2025-26595
- SUSE Bug 1237429