libX11-1.6.8-8.el8
エラータID: AXSA:2024-8318:03
リリース日:
2024/06/17 Monday - 19:26
題名:
libX11-1.6.8-8.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libX11 の _XkbReadKeySyms() 関数には、メモリ領域の範囲外読み
取りの問題があるため、ローカルの攻撃者により、情報の漏洩を可能
とする脆弱性が存在します。(CVE-2023-43785)
- libX11 の PutSubImage() には、無限ループの発生に至る問題がある
ため、ローカルの攻撃者により、サービス拒否攻撃 (CPU リソースの
枯渇) を可能とする脆弱性が存在します。(CVE-2023-43786)
- libX11 の XCreateImage() 関数には、整数オーバーフローの問題が
あるため、ローカルの攻撃者により、特権昇格、および任意のコード
の実行を可能とする脆弱性が存在します。(CVE-2023-43787)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-43785
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
CVE-2023-43786
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
CVE-2023-43787
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.
追加情報:
N/A
ダウンロード:
SRPMS
- libX11-1.6.8-8.el8.src.rpm
MD5: cd27d559c3b8b17d1c34ad4badf68b0f
SHA-256: d4e90010eb8dbd30ef35224fc3b71c84842e2b15a41595beac434d59fabd24de
Size: 2.30 MB
Asianux Server 8 for x86_64
- libX11-1.6.8-8.el8.i686.rpm
MD5: 1c6df095b4371b6e9360d5282bad04dd
SHA-256: 3e2a8891ea4e1d23649191603c5a793f875365c1aecca42d02b6dc5ec97a220e
Size: 638.92 kB - libX11-1.6.8-8.el8.x86_64.rpm
MD5: 956d9304d298ef0ad208c9a8eff74c8b
SHA-256: 205188fc6be0010220967b9b7d167b2fb56b3b47d37ec9f1db653a70948ceb84
Size: 610.72 kB - libX11-common-1.6.8-8.el8.noarch.rpm
MD5: 496def0af5fee9c83c84518188493bf8
SHA-256: 3cb296ca39335a44a475a0e69837320ed58bbc4168245c6f4868ea64a936c0ab
Size: 157.18 kB - libX11-devel-1.6.8-8.el8.i686.rpm
MD5: 3eb43a1b374a07c57ff264c05ce9f59c
SHA-256: 2bf88388cbe1f83763d516e5d22c2b445dcc2cc166912dd5b24b52664843d99a
Size: 975.85 kB - libX11-devel-1.6.8-8.el8.x86_64.rpm
MD5: 5092799954be33cf6cef811715e555e3
SHA-256: 22aef4affca7370f4524eceda9889f530dcc3a2f707c1286c11d23e837ca3cb2
Size: 975.67 kB - libX11-xcb-1.6.8-8.el8.i686.rpm
MD5: 3b24200aef40e9a059d9aebca9a0c4f2
SHA-256: 89a07485662c07c55ad4d44f0ff51fd16897c5920fd121da997d48769d059ef8
Size: 13.51 kB - libX11-xcb-1.6.8-8.el8.x86_64.rpm
MD5: 081f10f0feaa4a0e2613a6890d380ede
SHA-256: fd0493f4bbd005b9709e919cda51edb771904c1a9682287cc7d4a721c250d39a
Size: 13.50 kB