Bug 1217765 (CVE-2023-6377)

Summary: VUL-0: CVE-2023-6377: xorg-x11-server,xwayland: Out-of-bounds memory write in XKB button actions
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: ali.abdallah, arlan.biesecker, davide.benini, gfx-enterprise-bugs, joan.torres, meissner, sndirsch, thomas.leroy
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/386880/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-6377:8.4:(AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Found By: System Test Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: 0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch

Comment 1 Marcus Meissner 2023-12-04 09:44:10 UTC 
Created attachment 871125 [details]
0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch

0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch
Comment 2 Stefan Dirsch 2023-12-04 19:31:00 UTC 
I've just submitted xorg-x11-server and xwayland updates for sle15-sp5,sp4,sp2 and sle12-sp5. Unfortunately I'm already on vacation on CRD next wekk. I'll update devel project X11:XOrg, factory/TW, SP6 and ALP when I'm back on January 8th.
Comment 9 OBSbugzilla Bot 2023-12-13 10:45:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1132832 Factory / xwayland
https://build.opensuse.org/request/show/1132834 Factory / xorg-x11-server
Comment 11 Joan Torres 2023-12-13 12:07:41 UTC 
Hi Thomas.
I've just updated the fix for:
* SLE-15-SP5
* SLE-15-SP4
* SLE-15-SP2
* SLE-12-SP5

And also it's added to:
* openSUSE:Factory
* SLE-15-SP6
* ALP
Comment 13 Thomas Leroy 2023-12-13 14:06:20 UTC 
(In reply to Joan Torres from comment #11)
> Hi Thomas.
> I've just updated the fix for:
> * SLE-15-SP5
> * SLE-15-SP4
> * SLE-15-SP2
> * SLE-12-SP5
> 
> And also it's added to:
> * openSUSE:Factory
> * SLE-15-SP6
> * ALP

Thanks for your quick move Joan. I got confirmation from X.Org maintainers that the first fix was incomplete, and not introducing a regression, so we released Stefan's SRs with patch v1. The SRs were also correctly fixing CVE-2023-6478.
Therefore, your very new SRs are now broken... Could you please re-submit for
* SLE-15-SP5
* SLE-15-SP4
* SLE-15-SP2
* SLE-12-SP5
again please? :)
Comment 14 Joan Torres 2023-12-13 16:21:16 UTC 
(In reply to Thomas Leroy from comment #13)
> Thanks for your quick move Joan. I got confirmation from X.Org maintainers
> that the first fix was incomplete, and not introducing a regression, so we
> released Stefan's SRs with patch v1. The SRs were also correctly fixing
> CVE-2023-6478.
> Therefore, your very new SRs are now broken... Could you please re-submit for
> * SLE-15-SP5
> * SLE-15-SP4
> * SLE-15-SP2
> * SLE-12-SP5
> again please? :)

Done.
Comment 15 Maintenance Automation 2023-12-13 16:30:31 UTC 
SUSE-SU-2023:4792-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.23.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xwayland-21.1.4-150400.3.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Maintenance Automation 2023-12-13 16:30:35 UTC 
SUSE-SU-2023:4791-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.32.1
Basesystem Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.32.1
Development Tools Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.32.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Maintenance Automation 2023-12-13 16:30:38 UTC 
SUSE-SU-2023:4790-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Maintenance Automation 2023-12-13 16:30:40 UTC 
SUSE-SU-2023:4789-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.82.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Maintenance Automation 2023-12-13 16:30:42 UTC 
SUSE-SU-2023:4788-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.8.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Maintenance Automation 2023-12-13 16:30:44 UTC 
SUSE-SU-2023:4787-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.10.1
Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.10.1
Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Maintenance Automation 2023-12-20 12:30:04 UTC 
SUSE-SU-2023:4926-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.26.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xwayland-21.1.4-150400.3.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Maintenance Automation 2023-12-20 12:30:06 UTC 
SUSE-SU-2023:4925-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.13.1
Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.13.1
Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Maintenance Automation 2023-12-20 20:30:18 UTC 
SUSE-SU-2023:4935-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Maintenance Automation 2023-12-20 20:30:20 UTC 
SUSE-SU-2023:4934-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Maintenance Automation 2023-12-20 20:30:23 UTC 
SUSE-SU-2023:4933-1: An update that has one security fix can now be installed.

Category: security (important)
Bug References: 1217765
Sources used:
openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.11.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Maintenance Automation 2023-12-22 08:30:24 UTC 
SUSE-SU-2023:4949-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
Basesystem Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.35.1
Development Tools Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.35.1
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.35.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Stefan Dirsch 2024-01-06 20:51:29 UTC 
Reassigning to security team.
Comment 30 OBSbugzilla Bot 2024-01-16 23:35:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1139316 Factory / xwayland
Comment 32 OBSbugzilla Bot 2024-01-17 11:35:01 UTC 
This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1139423 Factory / xwayland
Comment 36 OBSbugzilla Bot 2024-02-12 10:45:08 UTC 
This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1146120 Factory / xorg-x11-server
Comment 40 Carlos López 2024-05-28 11:52:57 UTC 
Done, closing.