Projects
openEuler:24.03:SP1:Everything
xorg-x11-server
_service:tar_scm:backport-CVE-2022-4283.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2022-4283.patch of Package xorg-x11-server
From ccdd431cd8f1cabae9d744f0514b6533c438908c Mon Sep 17 00:00:00 2001 From: Peter Hutterer <peter.hutterer@who-t.net> Date: Mon, 5 Dec 2022 15:55:54 +1000 Subject: [PATCH] xkb: reset the radio_groups pointer to NULL after freeing it Unlike other elements of the keymap, this pointer was freed but not reset. On a subsequent XkbGetKbdByName request, the server may access already freed memory. CVE-2022-4283, ZDI-CAN-19530 This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> Acked-by: Olivier Fourdan <ofourdan@redhat.com> --- xkb/xkbUtils.c | 1 + 1 file changed, 1 insertion(+) diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c index dd089c204..3f5791a18 100644 --- a/xkb/xkbUtils.c +++ b/xkb/xkbUtils.c @@ -1326,6 +1326,7 @@ _XkbCopyNames(XkbDescPtr src, XkbDescPtr dst) } else { free(dst->names->radio_groups); + dst->names->radio_groups = NULL; } dst->names->num_rg = src->names->num_rg; -- GitLab
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2