wok-current diff xorg-server/stuff/CVE-2022-4283.patch @ rev 25640

Patch xorg-server (CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886)
author Stanislas Leduc <shann@slitaz.org>
date Tue Jan 16 20:32:03 2024 +0000
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/xorg-server/stuff/CVE-2022-4283.patch	Tue Jan 16 20:32:03 2024 +0000
     1.3 @@ -0,0 +1,35 @@
     1.4 +From ccdd431cd8f1cabae9d744f0514b6533c438908c Mon Sep 17 00:00:00 2001
     1.5 +From: Peter Hutterer <peter.hutterer@who-t.net>
     1.6 +Date: Mon, 5 Dec 2022 15:55:54 +1000
     1.7 +Subject: [PATCH] xkb: reset the radio_groups pointer to NULL after freeing it
     1.8 +
     1.9 +Unlike other elements of the keymap, this pointer was freed but not
    1.10 +reset. On a subsequent XkbGetKbdByName request, the server may access
    1.11 +already freed memory.
    1.12 +
    1.13 +CVE-2022-4283, ZDI-CAN-19530
    1.14 +
    1.15 +This vulnerability was discovered by:
    1.16 +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
    1.17 +
    1.18 +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    1.19 +Acked-by: Olivier Fourdan <ofourdan@redhat.com>
    1.20 +---
    1.21 + xkb/xkbUtils.c | 1 +
    1.22 + 1 file changed, 1 insertion(+)
    1.23 +
    1.24 +diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c
    1.25 +index dd089c204..3f5791a18 100644
    1.26 +--- a/xkb/xkbUtils.c
    1.27 ++++ b/xkb/xkbUtils.c
    1.28 +@@ -1326,6 +1326,7 @@ _XkbCopyNames(XkbDescPtr src, XkbDescPtr dst)
    1.29 +         }
    1.30 +         else {
    1.31 +             free(dst->names->radio_groups);
    1.32 ++            dst->names->radio_groups = NULL;
    1.33 +         }
    1.34 +         dst->names->num_rg = src->names->num_rg;
    1.35 + 
    1.36 +-- 
    1.37 +GitLab
    1.38 +
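Review bot: In the `_XkbCopyNames` hunk, the `else` branch now leaves `dst->names->radio_groups` NULL, but the following `dst->names->num_rg = src->names->num_rg;` runs unconditionally and the branch condition lies outside the visible context. Please confirm that `num_rg` is always 0 on this path, since otherwise a later consumer would pair a nonzero count with a NULL array rather than with a freed one. Separately, the file is named for CVE-2022-4283 while the commit summary lists only the 2023 and 2024 CVE ids, so adding CVE-2022-4283 to the summary would keep this fix traceable in the package history.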