2024-04-24 15:02:06 +00:00

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20247023",
"Version": "oval:org.altlinux.errata:def:20247023",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-7023: package `xorg-server` update to version 1.20.14-alt12",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-7023",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-7023",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03104",
"RefURL": "https://bdu.fstec.ru/vul/2024-03104",
"Source": "BDU"
},
{
"RefID": "BDU:2024-03109",
"RefURL": "https://bdu.fstec.ru/vul/2024-03109",
"Source": "BDU"
},
{
"RefID": "BDU:2024-03130",
"RefURL": "https://bdu.fstec.ru/vul/2024-03130",
"Source": "BDU"
},
{
"RefID": "BDU:2024-03132",
"RefURL": "https://bdu.fstec.ru/vul/2024-03132",
"Source": "BDU"
},
{
"RefID": "CVE-2024-31080",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31080",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31081",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31081",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31082",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31082",
"Source": "CVE"
},
{
"RefID": "CVE-2024-31083",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-31083",
"Source": "CVE"
}
],
"Description": "This update upgrades xorg-server to version 1.20.14-alt12. \nSecurity Fix(es):\n\n * BDU:2024-03104: Vulnerability in the ProcXIPassiveGrabDevice() function of the X Window System Xorg-server, allowing an attacker to gain access to confidential data, violate its integrity, and cause a denial of service\n\n * BDU:2024-03109: Vulnerability in the ProcAppleDRICreatePixmap() function of the X Window System Xorg-server, allowing an attacker to gain access to confidential data, violate its integrity, and cause a denial of service\n\n * BDU:2024-03130: Vulnerability in the ProcRenderAddGlyphs() function of the X Window System Xorg-server, allowing an attacker to execute arbitrary code\n\n * BDU:2024-03132: Vulnerability in the ProcXIGetSelectedEvents() function of the X Window System Xorg-server, allowing an attacker to gain access to confidential data, violate its integrity, and cause a denial of service\n\n * CVE-2024-31080: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31081: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31082: A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\n\n * CVE-2024-31083: A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-24"
},
"Updated": {
"Date": "2024-04-24"
},
"BDUs": [
{
"ID": "BDU:2024-03104",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"CWE": "CWE-126",
"Href": "https://bdu.fstec.ru/vul/2024-03104",
"Impact": "High",
"Public": "20240404"
},
{
"ID": "BDU:2024-03109",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"CWE": "CWE-126",
"Href": "https://bdu.fstec.ru/vul/2024-03109",
"Impact": "High",
"Public": "20240404"
},
{
"ID": "BDU:2024-03130",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-03130",
"Impact": "High",
"Public": "20240405"
},
{
"ID": "BDU:2024-03132",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"CWE": "CWE-126",
"Href": "https://bdu.fstec.ru/vul/2024-03132",
"Impact": "High",
"Public": "20240404"
}
],
"CVEs": [
{
"ID": "CVE-2024-31080",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31080",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31081",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31081",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31082",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31082",
"Impact": "None",
"Public": "20240404"
},
{
"ID": "CVE-2024-31083",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-31083",
"Impact": "None",
"Public": "20240405"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20247023001",
"Comment": "xorg-sdk is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023002",
"Comment": "xorg-server is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023003",
"Comment": "xorg-server-common is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023004",
"Comment": "xorg-xdmx is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023005",
"Comment": "xorg-xephyr is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023006",
"Comment": "xorg-xnest is earlier than 2:1.20.14-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20247023007",
"Comment": "xorg-xvfb is earlier than 2:1.20.14-alt12"
}
]
}
]
}
}
]
}