wok-current view xorg-server/stuff/CVE-2022-4283.patch @ rev 25640

Patch xorg-server (CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886)
author Stanislas Leduc <shann@slitaz.org>
date Tue Jan 16 20:32:03 2024 +0000
line source
1 From ccdd431cd8f1cabae9d744f0514b6533c438908c Mon Sep 17 00:00:00 2001
2 From: Peter Hutterer <peter.hutterer@who-t.net>
3 Date: Mon, 5 Dec 2022 15:55:54 +1000
4 Subject: [PATCH] xkb: reset the radio_groups pointer to NULL after freeing it
6 Unlike other elements of the keymap, this pointer was freed but not
7 reset. On a subsequent XkbGetKbdByName request, the server may access
8 already freed memory.
10 CVE-2022-4283, ZDI-CAN-19530
12 This vulnerability was discovered by:
13 Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
15 Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
16 Acked-by: Olivier Fourdan <ofourdan@redhat.com>
17 ---
18 xkb/xkbUtils.c | 1 +
19 1 file changed, 1 insertion(+)
21 diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c
22 index dd089c204..3f5791a18 100644
23 --- a/xkb/xkbUtils.c
24 +++ b/xkb/xkbUtils.c
25 @@ -1326,6 +1326,7 @@ _XkbCopyNames(XkbDescPtr src, XkbDescPtr dst)
26 }
27 else {
28 free(dst->names->radio_groups);
29 + dst->names->radio_groups = NULL;
30 }
31 dst->names->num_rg = src->names->num_rg;
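Review bot: In the else branch of _XkbCopyNames(), the pointer is now cleared, but the count is still set by the unconditional `dst->names->num_rg = src->names->num_rg;` that follows. That leaves radio_groups NULL alongside whatever count src carries. The hunk does not show the condition that selects this branch, so please confirm that src->names->num_rg is always 0 when it is taken, or set `dst->names->num_rg = 0;` next to the reset so that pointer and count cannot disagree. A short comment on the new line saying that a later XkbGetKbdByName request reads this field would also keep the reset from being dropped as redundant in a future cleanup.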
33 --
34 GitLab