ALT-PU-2019-1984-1
Package xorg-server updated to version 1.20.5-alt1 for branch sisyphus in task 231384.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-17624
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified other impact. Note: It is disputed if the X.Org X Server is involved or if there is a stack overflow.
- http://packetstormsecurity.com/files/154868/X.Org-X-Server-1.20.4-Local-Stack-Overflow.html
- http://packetstormsecurity.com/files/154868/X.Org-X-Server-1.20.4-Local-Stack-Overflow.html
- https://www.exploit-db.com/exploits/47507
- https://www.exploit-db.com/exploits/47507
- https://www.x.org/releases/individual/xserver/
- https://www.x.org/releases/individual/xserver/
Modified: 2024-11-21
CVE-2022-4283
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
- https://access.redhat.com/security/cve/CVE-2022-4283
- https://access.redhat.com/security/cve/CVE-2022-4283
- https://bugzilla.redhat.com/show_bug.cgi?id=2151761
- https://bugzilla.redhat.com/show_bug.cgi?id=2151761
- FEDORA-2022-721a78b7e5
- FEDORA-2022-721a78b7e5
- FEDORA-2022-c3a65f7c65
- FEDORA-2022-c3a65f7c65
- FEDORA-2022-dd3eb7e0a8
- FEDORA-2022-dd3eb7e0a8
- https://security.gentoo.org/glsa/202305-30
- https://security.gentoo.org/glsa/202305-30
- DSA-5304
- DSA-5304