(RHSA-2024:2996) Moderate: xorg-x11-server-Xwayland security update

2024-05-2206:35:18

access.redhat.com

xwayland

x clients

wayland

out-of-bounds write

memory reads

memory writes

heap overflow

selinux

glx pbuffer

cvss score

red hat enterprise linux 8.10 release notes

7.7 High

AI Score

Confidence

Low

0.273 Low

EPSS

Percentile

96.8%

JSON

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
xorg-x11-server: SELinux context corruption (CVE-2024-0409)
xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8s390xxorg-x11-server-xwayland-debugsource< 21.1.3-15.el8xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.s390x.rpm
RedHat8aarch64xorg-x11-server-xwayland< 21.1.3-15.el8xorg-x11-server-Xwayland-21.1.3-15.el8.aarch64.rpm
RedHat8ppc64lexorg-x11-server-xwayland-debuginfo< 21.1.3-15.el8xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.ppc64le.rpm
RedHat8ppc64lexorg-x11-server-xwayland-debugsource< 21.1.3-15.el8xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.ppc64le.rpm
RedHat8ppc64lexorg-x11-server-xwayland< 21.1.3-15.el8xorg-x11-server-Xwayland-21.1.3-15.el8.ppc64le.rpm
RedHat8aarch64xorg-x11-server-xwayland-debugsource< 21.1.3-15.el8xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.aarch64.rpm
RedHat8x86_64xorg-x11-server-xwayland< 21.1.3-15.el8xorg-x11-server-Xwayland-21.1.3-15.el8.x86_64.rpm
RedHat8x86_64xorg-x11-server-xwayland-debugsource< 21.1.3-15.el8xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.x86_64.rpm
RedHat8aarch64xorg-x11-server-xwayland-debuginfo< 21.1.3-15.el8xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.aarch64.rpm
RedHat8x86_64xorg-x11-server-xwayland-debuginfo< 21.1.3-15.el8xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	s390x	xorg-x11-server-xwayland-debugsource	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.s390x.rpm
RedHat	8	aarch64	xorg-x11-server-xwayland	< 21.1.3-15.el8	xorg-x11-server-Xwayland-21.1.3-15.el8.aarch64.rpm
RedHat	8	ppc64le	xorg-x11-server-xwayland-debuginfo	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.ppc64le.rpm
RedHat	8	ppc64le	xorg-x11-server-xwayland-debugsource	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.ppc64le.rpm
RedHat	8	ppc64le	xorg-x11-server-xwayland	< 21.1.3-15.el8	xorg-x11-server-Xwayland-21.1.3-15.el8.ppc64le.rpm
RedHat	8	aarch64	xorg-x11-server-xwayland-debugsource	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.aarch64.rpm
RedHat	8	x86_64	xorg-x11-server-xwayland	< 21.1.3-15.el8	xorg-x11-server-Xwayland-21.1.3-15.el8.x86_64.rpm
RedHat	8	x86_64	xorg-x11-server-xwayland-debugsource	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debugsource-21.1.3-15.el8.x86_64.rpm
RedHat	8	aarch64	xorg-x11-server-xwayland-debuginfo	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.aarch64.rpm
RedHat	8	x86_64	xorg-x11-server-xwayland-debuginfo	< 21.1.3-15.el8	xorg-x11-server-Xwayland-debuginfo-21.1.3-15.el8.x86_64.rpm