Sync from SUSE:SLFO:Main xorg-x11-server revision dd06437cd4a91e3f334a9fde7b52e297

2024-11-12 12:21:10 +01:00 · 2024-11-12 12:21:10 +01:00 · 7dad0f4ee8
commit 7dad0f4ee8
parent c565876d07
3 changed files with 34 additions and 1 deletions
--- a/U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
+++ b/U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
@ -0,0 +1,25 @@
+@@ -, +, @@ 
+---
+ xkb/xkb.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+--- a/xkb/xkb.c	
+++ a/xkb/xkb.c	
+@@ -2991,13 +2991,13 @@ _XkbSetCompatMap(ClientPtr client, DeviceIntPtr dev,
+         XkbSymInterpretPtr sym;
+         unsigned int skipped = 0;
+ 
+-        if ((unsigned) (req->firstSI + req->nSI) > compat->num_si) {
+-            compat->num_si = req->firstSI + req->nSI;
+        if ((unsigned) (req->firstSI + req->nSI) > compat->size_si) {
+            compat->num_si = compat->size_si = req->firstSI + req->nSI;
+             compat->sym_interpret = reallocarray(compat->sym_interpret,
+-                                                 compat->num_si,
+                                                 compat->size_si,
+                                                  sizeof(XkbSymInterpretRec));
+             if (!compat->sym_interpret) {
+-                compat->num_si = 0;
+                compat->num_si = compat->size_si = 0;
+                 return BadAlloc;
+             }
+         }
+-- 
--- a/xorg-x11-server.changes
+++ b/xorg-x11-server.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Oct 19 22:17:53 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>
+
+- U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
+  * Heap-based buffer overflow privilege escalation in _XkbSetCompatMap
+    (CVE-2024-9632, bsc#1231565)
+
 -------------------------------------------------------------------
 Wed Apr 10 14:09:31 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

--- a/xorg-x11-server.spec
+++ b/xorg-x11-server.spec
@ -57,7 +57,7 @@ Source90:       xorg-x11-server.macros.in
 # Source91 and Source99 are used to ensure proper ABI provides.
 Source91:       xorg-server-provides
 Source92:       pre_checkin.sh
-
+Patch1231565:   U_xkb-Fix-buffer-overflow-in-_XkbSetCompatMap.patch
 BuildRequires:  bison
 BuildRequires:  flex
 BuildRequires:  libtool
@ -409,6 +409,7 @@ sh %{SOURCE92} --verify . %{SOURCE91}
 %patch1222311 -p1
 %patch1222312 -p1
 %patch1222442 -p1
+%patch1231565 -p1

 %build
 # We have some -z now related errors during X default startup (boo#1197994):