xorg-x11-server-1.20.4-27.el7

Errata ID: AXSA:2024-7440:02

Release date: Tuesday, January 23, 2024 - 02:59
Subject: xorg-x11-server-1.20.4-27.el7
Affected Channels: Asianux Server 7 for x86_64
Severity: High
Description:

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
* xorg-x11-server: SELinux context corruption (CVE-2024-0409)
* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
CVE-2024-0229
RESERVED
CVE-2024-0408
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
CVE-2024-21885
RESERVED
CVE-2024-21886
RESERVED

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. xorg-x11-server-1.20.4-27.el7.src.rpm
    MD5: 8bd9b5120de9468a833cd8424f1151d9
    SHA-256: bc648503776db61312dd8ba84712e9d87540d1da19d5f52b04563280c1c45af6
    Size: 5.96 MB

Asianux Server 7 for x86_64
  1. xorg-x11-server-common-1.20.4-27.el7.x86_64.rpm
    MD5: 0e5cd46db0da4fa515bd6e3cb1331579
    SHA-256: 7e7b0eb52a178b761421302d9983b048e65e51dfbeb1ab2ac5320cec4936f4e4
    Size: 56.82 kB
  2. xorg-x11-server-Xephyr-1.20.4-27.el7.x86_64.rpm
    MD5: bbaef943ba4b572bd40c94878d52c544
    SHA-256: e9798447283817959442cff1c9d158c88064398deec0ac9eca3283c62920ee91
    Size: 0.98 MB
  3. xorg-x11-server-Xorg-1.20.4-27.el7.x86_64.rpm
    MD5: a813bcbe1353420b885953080ccfe768
    SHA-256: a1843d2ebf3497826ce54d060b81b11209286096e55612cbe636def95c5c5018
    Size: 1.45 MB
  4. xorg-x11-server-Xwayland-1.20.4-27.el7.x86_64.rpm
    MD5: 183c1fa5a7fdfe0e92f75d0891099d63
    SHA-256: 01395c42446e3e5a24a48d0e7b6314ddd1826b81cf0982d11007817652ac3516
    Size: 952.50 kB
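The SHA-256 values listed under Download are what a practitioner should check a downloaded RPM against before installing it, rather than trusting a mirror's own checksum file. The script below is an added example, not part of this advisory or of the Asianux or X.Org projects; it assumes `sha256sum` (coreutils) or `shasum` is available, and the manifest inside it is copied verbatim from the Download section above.

```shell
#!/bin/sh
# Added example (not from the advisory): verify downloaded RPMs against the
# SHA-256 digests published in the errata before installing them.
# Assumes sha256sum (coreutils) or shasum (perl) is on PATH.

# Print the SHA-256 hex digest of a file with whichever tool is present.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Exit status 0 if the file's digest equals the expected one (case-insensitive),
# 1 otherwise. The expected value should come from the advisory itself.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ]
}

# Manifest copied from the Download section of this advisory: filename, SHA-256.
ADVISORY_MANIFEST='
xorg-x11-server-1.20.4-27.el7.src.rpm bc648503776db61312dd8ba84712e9d87540d1da19d5f52b04563280c1c45af6
xorg-x11-server-common-1.20.4-27.el7.x86_64.rpm 7e7b0eb52a178b761421302d9983b048e65e51dfbeb1ab2ac5320cec4936f4e4
xorg-x11-server-Xephyr-1.20.4-27.el7.x86_64.rpm e9798447283817959442cff1c9d158c88064398deec0ac9eca3283c62920ee91
xorg-x11-server-Xorg-1.20.4-27.el7.x86_64.rpm a1843d2ebf3497826ce54d060b81b11209286096e55612cbe636def95c5c5018
xorg-x11-server-Xwayland-1.20.4-27.el7.x86_64.rpm 01395c42446e3e5a24a48d0e7b6314ddd1826b81cf0982d11007817652ac3516
'

# Check every manifest entry that exists in DIR (default: current directory).
# Files that are not present are reported and skipped. Returns the number of
# files whose digest did not match, so 0 means every present file verified.
# A here-document is used instead of a pipe so "bad" survives the loop.
verify_manifest() {
    dir=${1:-.}
    bad=0
    while read -r name digest; do
        [ -n "$name" ] || continue
        if [ ! -f "$dir/$name" ]; then
            echo "skip:     $name (not present)"
            continue
        fi
        if verify_sha256 "$dir/$name" "$digest"; then
            echo "ok:       $name"
        else
            echo "MISMATCH: $name (do not install)"
            bad=$((bad + 1))
        fi
    done <<EOF
$ADVISORY_MANIFEST
EOF
    return "$bad"
}

# Usage: run from the directory holding the downloaded RPMs.
if verify_manifest "${1:-.}"; then
    echo "all present packages match the advisory"
else
    echo "one or more packages failed verification" >&2
fi
```

Only after every present file reports `ok` should the packages be installed; afterwards `rpm -q xorg-x11-server-Xorg` confirms that the installed version is 1.20.4-27.el7. The digest comparison lowercases the expected value so a hash pasted in either case still matches, and the manifest loop counts mismatches rather than stopping at the first so the full picture is reported in one run.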