FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 12:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
972568d6-3485-40ab-80ff-994a8aaf9683	xorg-server -- Multiple vulnerabilities The X.Org project reports: CVE-2023-6377/ZDI-CAN-22412/ZDI-CAN-22413: X.Org server: Out-of-bounds memory write in XKB button actions A device has XKB button actions for each button on the device. When a logical device switch happens (e.g. moving from a touchpad to a mouse), the server re-calculates the information available on the respective master device (typically the Virtual Core Pointer). This re-calculation only allocated enough memory for a single XKB action rather instead of enough for the newly active physical device's number of button. As a result, querying or changing the XKB button actions results in out-of-bounds memory reads and writes. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh). CVE-2023-6478/ZDI-CAN-22561: X.Org server: Out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty This fixes an OOB read and the resulting information disclosure. Length calculation for the request was clipped to a 32-bit integer. With the correct stuff->nUnits value the expected request size was truncated, passing the REQUEST_FIXED_SIZE check. The server then proceeded with reading at least stuff->nUnits bytes (depending on stuff->format) from the request and stuffing whatever it finds into the property. In the process it would also allocate at least stuff->nUnits bytes, i.e. 4GB. Discovery 2023-12-13 Entry 2023-12-13 xorg-server xephyr xorg-vfbserver < 21.1.10,1 xorg-nestserver < 21.1.10,2 xwayland < 23.2.3,1 xwayland-devel < 21.0.99.1.582 https://lists.x.org/archives/xorg-announce/2023-December/003435.html CVE-2023-6377 CVE-2023-6478
141f2a22-a6a7-11ef-b282-0c9d92850f7a	xorg server -- _XkbSetCompatMap vulnerability The X.Org project reports: CVE-2024-9632: Heap buffer Heap-based buffer overflow privilege escalation in _XkbSetCompatMap The _XkbSetCompatMap() function attempts to resize the `sym_interpret` buffer. However, It didn't update its size properly. It updated `num_si` only, without updating `size_si`. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh). Discovery 2024-10-29 Entry 2024-11-19 xorg-server < 21.1.14,1 xwayland < 24.1.4,1 CVE-2024-9632 https://lists.x.org/archives/xorg-announce/2024-October/003545.html

VuXML ID

Description

972568d6-3485-40ab-80ff-994a8aaf9683

xorg-server -- Multiple vulnerabilities

The X.Org project reports:

CVE-2023-6377/ZDI-CAN-22412/ZDI-CAN-22413: X.Org server: Out-of-bounds memory write in XKB button actions
A device has XKB button actions for each button on the device. When a logical device switch happens (e.g. moving from a touchpad to a mouse), the server re-calculates the information available on the respective master device (typically the Virtual Core Pointer). This re-calculation only allocated enough memory for a single XKB action rather instead of enough for the newly active physical device's number of button. As a result, querying or changing the XKB button actions results in out-of-bounds memory reads and writes.

This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh).

CVE-2023-6478/ZDI-CAN-22561: X.Org server: Out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
This fixes an OOB read and the resulting information disclosure.

Length calculation for the request was clipped to a 32-bit integer. With the correct stuff->nUnits value the expected request size was truncated, passing the REQUEST_FIXED_SIZE check.

The server then proceeded with reading at least stuff->nUnits bytes (depending on stuff->format) from the request and stuffing whatever it finds into the property. In the process it would also allocate at least stuff->nUnits bytes, i.e. 4GB.

Discovery 2023-12-13
Entry 2023-12-13
xorg-server
xephyr
xorg-vfbserver

< 21.1.10,1

xorg-nestserver

< 21.1.10,2

xwayland

< 23.2.3,1

xwayland-devel

< 21.0.99.1.582

https://lists.x.org/archives/xorg-announce/2023-December/003435.html
CVE-2023-6377
CVE-2023-6478

141f2a22-a6a7-11ef-b282-0c9d92850f7a

xorg server -- _XkbSetCompatMap vulnerability

The X.Org project reports:

CVE-2024-9632: Heap buffer Heap-based buffer overflow privilege escalation in _XkbSetCompatMap
The _XkbSetCompatMap() function attempts to resize the `sym_interpret` buffer. However, It didn't update its size properly. It updated `num_si` only, without updating `size_si`. This may lead to local privilege escalation if the server is run as root or remote code execution (e.g. x11 over ssh).

Discovery 2024-10-29
Entry 2024-11-19
xorg-server

< 21.1.14,1

xwayland

< 24.1.4,1

CVE-2024-9632
https://lists.x.org/archives/xorg-announce/2024-October/003545.html