xorg-x11-server-Xwayland-22.1.9-2.el9

エラータID: AXSA:2023-6921:03

Release date: 
Tuesday, December 12, 2023 - 10:46
Subject: 
xorg-x11-server-Xwayland-22.1.9-2.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Xwayland is an X server for running X clients under Wayland.

The following packages have been upgraded to a later upstream version: xorg-x11-server-Xwayland (22.1.9). (BZ#2158761)

Security Fix(es):

* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-Xwayland-22.1.9-2.el9.src.rpm
    MD5: 248c04bc6b81a024853ff89f47aa920f
    SHA-256: ac86f7247fa7c0a123c3720cc1b68829143dcb6de28a509ecf7c59a2020f4fc2
    Size: 1.23 MB

Asianux Server 9 for x86_64
  1. xorg-x11-server-Xwayland-22.1.9-2.el9.x86_64.rpm
    MD5: 5ba693d86836733ff4baee0335517ddb
    SHA-256: 0f0090a984203f18d20161febafac30c02825716c7be8cfded682dc221f864f6
    Size: 965.34 kB