OESA-2024-2317
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2317
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-2317.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2024-2317
- Upstream
- Published
- 2024-11-01T11:09:30Z
- Modified
- 2025-08-12T05:40:24.616463Z
- Summary
- xorg-x11-server security update
- Details
-
X.Org X11 X server
Security Fix(es):
A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service.(CVE-2023-5574)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP4 / xorg-x11-server
Package
- Name
- xorg-x11-server
- Purl
- pkg:rpm/openEuler/xorg-x11-server&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.20.8-30.oe2003sp4
Ecosystem specific
{
"aarch64": [
"xorg-x11-server-1.20.8-30.oe2003sp4.aarch64.rpm",
"xorg-x11-server-Xephyr-1.20.8-30.oe2003sp4.aarch64.rpm",
"xorg-x11-server-debuginfo-1.20.8-30.oe2003sp4.aarch64.rpm",
"xorg-x11-server-debugsource-1.20.8-30.oe2003sp4.aarch64.rpm",
"xorg-x11-server-devel-1.20.8-30.oe2003sp4.aarch64.rpm"
],
"noarch": [
"xorg-x11-server-help-1.20.8-30.oe2003sp4.noarch.rpm"
],
"x86_64": [
"xorg-x11-server-1.20.8-30.oe2003sp4.x86_64.rpm",
"xorg-x11-server-Xephyr-1.20.8-30.oe2003sp4.x86_64.rpm",
"xorg-x11-server-debuginfo-1.20.8-30.oe2003sp4.x86_64.rpm",
"xorg-x11-server-debugsource-1.20.8-30.oe2003sp4.x86_64.rpm",
"xorg-x11-server-devel-1.20.8-30.oe2003sp4.x86_64.rpm"
],
"src": [
"xorg-x11-server-1.20.8-30.oe2003sp4.src.rpm"
]
}