SliTaz Repositories

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/xorg-server/stuff/CVE-2023-0494.patch	Tue Jan 16 20:32:03 2024 +0000
     1.3 @@ -0,0 +1,34 @@
     1.4 +From 0ba6d8c37071131a49790243cdac55392ecf71ec Mon Sep 17 00:00:00 2001
     1.5 +From: Peter Hutterer <peter.hutterer@who-t.net>
     1.6 +Date: Wed, 25 Jan 2023 11:41:40 +1000
     1.7 +Subject: [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses
     1.8 +
     1.9 +CVE-2023-0494, ZDI-CAN-19596
    1.10 +
    1.11 +This vulnerability was discovered by:
    1.12 +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
    1.13 +
    1.14 +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    1.15 +---
    1.16 + Xi/exevents.c | 4 +++-
    1.17 + 1 file changed, 3 insertions(+), 1 deletion(-)
    1.18 +
    1.19 +diff --git a/Xi/exevents.c b/Xi/exevents.c
    1.20 +index 217baa956..dcd4efb3b 100644
    1.21 +--- a/Xi/exevents.c
    1.22 ++++ b/Xi/exevents.c
    1.23 +@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
    1.24 +             memcpy(to->button->xkb_acts, from->button->xkb_acts,
    1.25 +                    sizeof(XkbAction));
    1.26 +         }
    1.27 +-        else
    1.28 ++        else {
    1.29 +             free(to->button->xkb_acts);
    1.30 ++            to->button->xkb_acts = NULL;
    1.31 ++        }
    1.32 + 
    1.33 +         memcpy(to->button->labels, from->button->labels,
    1.34 +                from->button->numButtons * sizeof(Atom));
    1.35 +-- 
    1.36 +GitLab
    1.37 +