{"schema_version":"1.7.2","id":"OESA-2024-2041","modified":"2024-08-23T11:08:55Z","published":"2024-08-23T11:08:55Z","upstream":["CVE-2023-6377","CVE-2024-31083"],"summary":"xorg-x11-server-xwayland security update","details":"Xwayland is an X server for running X clients under Wayland.   %package devel Summary: Development package Requires: pkgconfig   %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland.   %prep %autosetup -n xwayland-   %build %meson \\         -Dxwayland_eglstream=true \\         -Ddefault_font_path=\u0026quot;catalogue:/etc/X11/fontpath.d,built-ins\u0026quot; \\         -Dbuilder_string=\u0026quot;Build ID:  -\u0026quot; \\         -Dxkb_output_dir=/lib/xkb \\         -Dxcsecurity=true \\         -Dglamor=true \\         -Ddri3=true   %meson_build\r\n\r\nSecurity Fix(es):\r\n\r\nA flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.(CVE-2023-6377)\r\n\r\nA use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.(CVE-2024-31083)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP3","name":"xorg-x11-server-xwayland","purl":"pkg:rpm/openEuler/xorg-x11-server-xwayland\u0026distro=openEuler-22.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"xorg-x11-server-Xwayland-22.1.2-6.oe2203sp3"}]}],"ecosystem_specific":{"aarch64":["xorg-x11-server-Xwayland-22.1.2-6.oe2203sp3.aarch64.rpm","xorg-x11-server-Xwayland-debuginfo-22.1.2-6.oe2203sp3.aarch64.rpm","xorg-x11-server-Xwayland-debugsource-22.1.2-6.oe2203sp3.aarch64.rpm","xorg-x11-server-Xwayland-devel-22.1.2-6.oe2203sp3.aarch64.rpm"],"src":["xorg-x11-server-Xwayland-22.1.2-6.oe2203sp3.src.rpm"],"x86_64":["xorg-x11-server-Xwayland-22.1.2-6.oe2203sp3.x86_64.rpm","xorg-x11-server-Xwayland-debuginfo-22.1.2-6.oe2203sp3.x86_64.rpm","xorg-x11-server-Xwayland-debugsource-22.1.2-6.oe2203sp3.x86_64.rpm","xorg-x11-server-Xwayland-devel-22.1.2-6.oe2203sp3.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2041"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6377"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31083"}],"database_specific":{"severity":"High"}}