xorg-x11-server-Xwayland-21.1.3-12.el8

エラータID: AXSA:2023-7238:04

Release date: 
Monday, December 25, 2023 - 09:50
Subject: 
xorg-x11-server-Xwayland-21.1.3-12.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Solution: 

Update packages.

CVEs: 
CVE-2023-1393
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-Xwayland-21.1.3-12.el8.src.rpm
    MD5: 75bce37a172c0e73cc3bc23eb67a91f1
    SHA-256: ab36c1aa932e3160b53a3dc0dc98bbbc871713ac38b40c90214fbab12b7fb0cf
    Size: 1.24 MB

Asianux Server 8 for x86_64
  1. xorg-x11-server-Xwayland-21.1.3-12.el8.x86_64.rpm
    MD5: b632bc6ead33d1e1fe334ee73410daea
    SHA-256: b91a1d6203fb4c76cce5221fe9df117624451a21bcfdc9b91b2103b8f9c8498b
    Size: 964.89 kB