openSUSE-SU-2021:1587-1

Опубликовано: 15 дек. 2021

Источник: suse-cvrf

Описание

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:

CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2

xorg-x11-server-1.20.3-lp152.8.33.1

xorg-x11-server-extra-1.20.3-lp152.8.33.1

xorg-x11-server-sdk-1.20.3-lp152.8.33.1

xorg-x11-server-source-1.20.3-lp152.8.33.1

xorg-x11-server-wayland-1.20.3-lp152.8.33.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7UNP5L7TX3N3YWCIHNMKXPR4ENMV7RHI/
E-Mail link for openSUSE-SU-2021:1587-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1193030
SUSE Bug 1193030
https://www.suse.com/security/cve/CVE-2021-4008/
SUSE CVE CVE-2021-4008 page

Описание

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые продукты

openSUSE Leap 15.2:xorg-x11-server-1.20.3-lp152.8.33.1

openSUSE Leap 15.2:xorg-x11-server-extra-1.20.3-lp152.8.33.1

openSUSE Leap 15.2:xorg-x11-server-sdk-1.20.3-lp152.8.33.1

openSUSE Leap 15.2:xorg-x11-server-source-1.20.3-lp152.8.33.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-4008.html
CVE-2021-4008
https://bugzilla.suse.com/1193030
SUSE Bug 1193030
https://bugzilla.suse.com/1194308
SUSE Bug 1194308
https://bugzilla.suse.com/1196656
SUSE Bug 1196656

openSUSE-SU-2021:1587-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2021-4008

Описание

Затронутые продукты

Ссылки