Projects
openEuler:20.03:LTS:SP3
xorg-x11-server
_service:tar_scm_kernel_repo:CVE-2020-14361.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:CVE-2020-14361.patch of Package xorg-x11-server
From 144849ea27230962227e62a943b399e2ab304787 Mon Sep 17 00:00:00 2001 From: Matthieu Herrb <matthieu@herrb.eu> Date: Tue, 18 Aug 2020 14:52:29 +0200 Subject: [PATCH] Fix XkbSelectEvents() integer underflow CVE-2020-14361 ZDI-CAN 11573 reference:https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787 This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> --- xkb/xkbSwap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xkb/xkbSwap.c b/xkb/xkbSwap.c index 1c1ed5f..50cabb9 100644 --- a/xkb/xkbSwap.c +++ b/xkb/xkbSwap.c @@ -76,7 +76,7 @@ SProcXkbSelectEvents(ClientPtr client) register unsigned bit, ndx, maskLeft, dataLeft, size; from.c8 = (CARD8 *) &stuff[1]; - dataLeft = (stuff->length * 4) - SIZEOF(xkbSelectEventsReq); + dataLeft = (client->req_len * 4) - SIZEOF(xkbSelectEventsReq); maskLeft = (stuff->affectWhich & (~XkbMapNotifyMask)); for (ndx = 0, bit = 1; (maskLeft != 0); ndx++, bit <<= 1) { if (((bit & maskLeft) == 0) || (ndx == XkbMapNotify)) -- 2.27.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.