SUSE-SU-2024:0165-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0165-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2024:0165-1
- Related
- Published
- 2024-01-19T11:55:08Z
- Modified
- 2024-01-19T11:55:08Z
- Summary
- Security update for xwayland
- Details
-
This update for xwayland fixes the following issues:
- CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (bsc#1218582)
- CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access (bsc#1218583)
- CVE-2024-0408: Fixed SELinux unlabeled GLX PBuffer. (bsc#1218845)
- CVE-2024-0409: Fixed SELinux context corruption. (bsc#1218846)
- CVE-2024-21885: Fixed heap buffer overflow in XISendDeviceHierarchyEvent (bsc#1218584)
- CVE-2024-21886: Fixed heap buffer overflow in DisableDevice (bsc#1218585)
- References
-
- https://www.suse.com/support/update/announcement/2024/suse-su-20240165-1/
- https://bugzilla.suse.com/1218582
- https://bugzilla.suse.com/1218583
- https://bugzilla.suse.com/1218584
- https://bugzilla.suse.com/1218585
- https://bugzilla.suse.com/1218845
- https://bugzilla.suse.com/1218846
- https://www.suse.com/security/cve/CVE-2023-6816
- https://www.suse.com/security/cve/CVE-2024-0229
- https://www.suse.com/security/cve/CVE-2024-0408
- https://www.suse.com/security/cve/CVE-2024-0409
- https://www.suse.com/security/cve/CVE-2024-21885
- https://www.suse.com/security/cve/CVE-2024-21886