Bug 13556

Summary:	[CVE 21] libx11 1.8.1 CVEs found
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Yury <y.tumanov>
Component:	System (kernel, glibc, systemd, bash, PAM...)	Assignee:	ROSA Linux Bugs <bugs>
Status:	RESOLVED DUPLICATE	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	critical
Priority:	High	CC:	e.kosachev, i.gaptrakhmanov, pastordidi, s.matveev, v.potapov, y.tumanov
Version:	All	Flags:	y.tumanov: secteam_verified+
Target Milestone:	---
Hardware:	All
OS:	Linux
URL:	CVE-2023-3138,
Whiteboard:
Platform:	2021.1	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Yury 2023-08-24 00:21:45 MSK

Please patch CVEs for package libx11 version 1.8.1
  
INFO (CVEs are): libx11 1.8.1
 cves found
CVE-2023-3138
Desc: A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.
Link: https://nvd.nist.gov/vuln/detail/CVE-2023-3138
Severity: HIGH

Comment 1 ilfat 2023-10-18 14:19:54 MSK

********** QA ADVISORY **********

CVE has been fixed by a patch

https://abf.rosalinux.ru/build_lists/4758457 aarch64
https://abf.rosalinux.ru/build_lists/4758455 i686
https://abf.rosalinux.ru/build_lists/4758456 x86_64
https://abf.rosalinux.ru/build_lists/4758459 e2kv4
https://abf.rosalinux.ru/build_lists/4758458 riscv64

Comment 2 Dmitry Postnikov 2023-10-19 11:30:51 MSK

***************************
Апдейт отослан в Тестинг

Comment 3 Yury 2023-10-19 17:54:25 MSK

secteam_verified

Comment 4 ilfat 2023-10-20 11:48:38 MSK

(In reply to Dmitry Postnikov from comment #2)
> ***************************
> Апдейт отослан в Тестинг

Еще 3 CVE будут закрыты в этом баге
https://bugzilla.rosalinux.ru/show_bug.cgi?id=13893

Comment 5 Dmitry Postnikov 2023-10-22 21:07:12 MSK

*** Bug 13893 has been marked as a duplicate of this bug. ***

Comment 6 Vladimir Potapov 2023-10-24 13:09:04 MSK


*** This bug has been marked as a duplicate of bug 13893 ***