Описание
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues:
- CVE-2022-49737: Fixed Xorg crashing when client applications use easystroke for mouse gestures (bsc#1239750)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
xorg-x11-server-21.1.11-150600.5.9.1
xorg-x11-server-Xvfb-21.1.11-150600.5.9.1
xorg-x11-server-extra-21.1.11-150600.5.9.1
SUSE Linux Enterprise Module for Development Tools 15 SP6
xorg-x11-server-sdk-21.1.11-150600.5.9.1
openSUSE Leap 15.6
xorg-x11-server-21.1.11-150600.5.9.1
xorg-x11-server-Xvfb-21.1.11-150600.5.9.1
xorg-x11-server-extra-21.1.11-150600.5.9.1
xorg-x11-server-sdk-21.1.11-150600.5.9.1
xorg-x11-server-source-21.1.11-150600.5.9.1
Ссылки
- Link for SUSE-SU-2025:0984-1
- E-Mail link for SUSE-SU-2025:0984-1
- SUSE Security Ratings
- SUSE Bug 1239750
- SUSE CVE CVE-2022-49737 page
Описание
In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input lock.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:xorg-x11-server-21.1.11-150600.5.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:xorg-x11-server-Xvfb-21.1.11-150600.5.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:xorg-x11-server-extra-21.1.11-150600.5.9.1
SUSE Linux Enterprise Module for Development Tools 15 SP6:xorg-x11-server-sdk-21.1.11-150600.5.9.1
Ссылки
- CVE-2022-49737
- SUSE Bug 1239750