Sync from SUSE:ALP:Source:Standard:1.0 xwayland revision 1910b0e1c02b868c6eeaf29bff9c85a8

2024-12-05 14:19:42 +01:00 · 2024-12-05 14:19:42 +01:00 · 6f8ef8bac0
commit 6f8ef8bac0
parent abbc02295a
3 changed files with 33 additions and 0 deletions
--- a/U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
+++ b/U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
@ -0,0 +1,25 @@
+@@ -, +, @@ 
+---
+ xkb/xkb.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+--- a/xkb/xkb.c	
+++ a/xkb/xkb.c	
+@@ -2991,13 +2991,13 @@ _XkbSetCompatMap(ClientPtr client, DeviceIntPtr dev,
+         XkbSymInterpretPtr sym;
+         unsigned int skipped = 0;
+ 
+-        if ((unsigned) (req->firstSI + req->nSI) > compat->num_si) {
+-            compat->num_si = req->firstSI + req->nSI;
+        if ((unsigned) (req->firstSI + req->nSI) > compat->size_si) {
+            compat->num_si = compat->size_si = req->firstSI + req->nSI;
+             compat->sym_interpret = reallocarray(compat->sym_interpret,
+-                                                 compat->num_si,
+                                                 compat->size_si,
+                                                  sizeof(XkbSymInterpretRec));
+             if (!compat->sym_interpret) {
+-                compat->num_si = 0;
+                compat->num_si = compat->size_si = 0;
+                 return BadAlloc;
+             }
+         }
+-- 
--- a/xwayland.changes
+++ b/xwayland.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Oct 19 21:57:59 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
+
+- U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
+  * Heap-based buffer overflow privilege escalation in _XkbSetCompatMap
+    (CVE-2024-9632, bsc#1231565)
+
 -------------------------------------------------------------------
 Wed Jan 17 10:20:50 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

--- a/xwayland.spec
+++ b/xwayland.spec
@ -33,6 +33,7 @@ Group:          System/X11/Servers/XF86_4
 Source0:        %{url}/archive/individual/xserver/%{name}-%{version}.tar.xz
 Source1:        %{url}/archive/individual/xserver/%{name}-%{version}.tar.xz.sig
 Source2:        xwayland.keyring
+Patch1231565:   U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
 BuildRequires:  meson
 BuildRequires:  ninja
 BuildRequires:  pkgconfig