SUSE-SU-2024:0165-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240165-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0165-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2024:0165-1
Related
Published
2024-01-19T11:55:08Z
Modified
2024-01-19T11:55:08Z
Summary
Security update for xwayland
Details

This update for xwayland fixes the following issues:

  • CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (bsc#1218582)
  • CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access (bsc#1218583)
  • CVE-2024-0408: Fixed SELinux unlabeled GLX PBuffer. (bsc#1218845)
  • CVE-2024-0409: Fixed SELinux context corruption. (bsc#1218846)
  • CVE-2024-21885: Fixed heap buffer overflow in XISendDeviceHierarchyEvent (bsc#1218584)
  • CVE-2024-21886: Fixed heap buffer overflow in DisableDevice (bsc#1218585)
References

Affected packages