(RHSA-2024:2995) Moderate: xorg-x11-server security update

2024-05-2206:35:18

access.redhat.com

x.org

x11 server

security update

out-of-bounds write

memory read

selinux

heap buffer overflow

use-after-free

7.7 High

AI Score

Confidence

High

0.273 Low

EPSS

Percentile

96.8%

JSON

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
xorg-x11-server: SELinux context corruption (CVE-2024-0409)
xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8s390xxorg-x11-server-debugsource< 1.20.11-22.el8xorg-x11-server-debugsource-1.20.11-22.el8.s390x.rpm
RedHat8ppc64lexorg-x11-server-xdmx-debuginfo< 1.20.11-22.el8xorg-x11-server-Xdmx-debuginfo-1.20.11-22.el8.ppc64le.rpm
RedHat8x86_64xorg-x11-server-debugsource< 1.20.11-22.el8xorg-x11-server-debugsource-1.20.11-22.el8.x86_64.rpm
RedHat8i686xorg-x11-server-devel< 1.20.11-22.el8xorg-x11-server-devel-1.20.11-22.el8.i686.rpm
RedHat8i686xorg-x11-server-xvfb-debuginfo< 1.20.11-22.el8xorg-x11-server-Xvfb-debuginfo-1.20.11-22.el8.i686.rpm
RedHat8aarch64xorg-x11-server-devel< 1.20.11-22.el8xorg-x11-server-devel-1.20.11-22.el8.aarch64.rpm
RedHat8aarch64xorg-x11-server-debuginfo< 1.20.11-22.el8xorg-x11-server-debuginfo-1.20.11-22.el8.aarch64.rpm
RedHat8i686xorg-x11-server-xdmx-debuginfo< 1.20.11-22.el8xorg-x11-server-Xdmx-debuginfo-1.20.11-22.el8.i686.rpm
RedHat8s390xxorg-x11-server-xdmx< 1.20.11-22.el8xorg-x11-server-Xdmx-1.20.11-22.el8.s390x.rpm
RedHat8s390xxorg-x11-server-xnest< 1.20.11-22.el8xorg-x11-server-Xnest-1.20.11-22.el8.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	s390x	xorg-x11-server-debugsource	< 1.20.11-22.el8	xorg-x11-server-debugsource-1.20.11-22.el8.s390x.rpm
RedHat	8	ppc64le	xorg-x11-server-xdmx-debuginfo	< 1.20.11-22.el8	xorg-x11-server-Xdmx-debuginfo-1.20.11-22.el8.ppc64le.rpm
RedHat	8	x86_64	xorg-x11-server-debugsource	< 1.20.11-22.el8	xorg-x11-server-debugsource-1.20.11-22.el8.x86_64.rpm
RedHat	8	i686	xorg-x11-server-devel	< 1.20.11-22.el8	xorg-x11-server-devel-1.20.11-22.el8.i686.rpm
RedHat	8	i686	xorg-x11-server-xvfb-debuginfo	< 1.20.11-22.el8	xorg-x11-server-Xvfb-debuginfo-1.20.11-22.el8.i686.rpm
RedHat	8	aarch64	xorg-x11-server-devel	< 1.20.11-22.el8	xorg-x11-server-devel-1.20.11-22.el8.aarch64.rpm
RedHat	8	aarch64	xorg-x11-server-debuginfo	< 1.20.11-22.el8	xorg-x11-server-debuginfo-1.20.11-22.el8.aarch64.rpm
RedHat	8	i686	xorg-x11-server-xdmx-debuginfo	< 1.20.11-22.el8	xorg-x11-server-Xdmx-debuginfo-1.20.11-22.el8.i686.rpm
RedHat	8	s390x	xorg-x11-server-xdmx	< 1.20.11-22.el8	xorg-x11-server-Xdmx-1.20.11-22.el8.s390x.rpm
RedHat	8	s390x	xorg-x11-server-xnest	< 1.20.11-22.el8	xorg-x11-server-Xnest-1.20.11-22.el8.s390x.rpm