Projects
openEuler:20.03:LTS:SP3
xorg-x11-server
_service:tar_scm_kernel_repo:backport-CVE-2021-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-CVE-2021-3472.patch of Package xorg-x11-server
From 7aaf54a1884f71dc363f0b884e57bcb67407a6cd Mon Sep 17 00:00:00 2001 From: Matthieu Herrb <matthieu@herrb.eu> Date: Sun, 21 Mar 2021 18:38:57 +0100 Subject: [PATCH] Fix XChangeFeedbackControl() request underflow CVE-2021-3472 / ZDI-CAN-1259 This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> --- Xi/chgfctl.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Xi/chgfctl.c b/Xi/chgfctl.c index 1de4da9..7a597e4 100644 --- a/Xi/chgfctl.c +++ b/Xi/chgfctl.c @@ -464,8 +464,11 @@ ProcXChangeFeedbackControl(ClientPtr client) break; case StringFeedbackClass: { - xStringFeedbackCtl *f = ((xStringFeedbackCtl *) &stuff[1]); + xStringFeedbackCtl *f; + REQUEST_AT_LEAST_EXTRA_SIZE(xChangeFeedbackControlReq, + sizeof(xStringFeedbackCtl)); + f = ((xStringFeedbackCtl *) &stuff[1]); if (client->swapped) { if (len < bytes_to_int32(sizeof(xStringFeedbackCtl))) return BadLength; -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.