pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/c10f2/ALT-PU-2024-6427/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

139 lines
7.1 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20246427",
"Version": "oval:org.altlinux.errata:def:20246427",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-6427: package `xorg-server` update to version 1.20.14-alt12",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-6427",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6427",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-31080",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31080",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31081",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31081",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31082",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31082",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31083",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31083",
"Source": "CVE"
}
],
"Description": "This update upgrades xorg-server to version 1.20.14-alt12. \nSecurity Fix(es):\n\n * CVE-2024-31080: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31081: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31082: A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31083: A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-15"
},
"Updated": {
"Date": "2024-04-15"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-31080",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31080",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31081",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31081",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31082",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31082",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31083",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31083",
"Impact": "None",
"Public": "20240405"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20246427001",
"Comment": "xorg-sdk is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427002",
"Comment": "xorg-server is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427003",
"Comment": "xorg-server-common is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427004",
"Comment": "xorg-xdmx is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427005",
"Comment": "xorg-xephyr is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427006",
"Comment": "xorg-xnest is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246427007",
"Comment": "xorg-xvfb is earlier than 2:1.20.14-alt12"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink