1217765 – (CVE-2023-6377) VUL-0: CVE-2023-6377: xorg-x11-server,xwayland: Out-of-bounds memory write in XKB button actions

Bug 1217765 (CVE-2023-6377) - VUL-0: CVE-2023-6377: xorg-x11-server,xwayland: Out-of-bounds memory write in XKB button actions

Summary: VUL-0: CVE-2023-6377: xorg-x11-server,xwayland: Out-of-bounds memory write in...

Status:	RESOLVED FIXED

Alias:	CVE-2023-6377

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/386880/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-6377:8.4:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-12-04 09:43 UTC by SMASH SMASH
Modified:	2024-05-28 11:52 UTC (History)
CC List:	8 users (show)

See Also:
Found By:	System Test
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch (2.95 KB, patch) 2023-12-04 09:44 UTC, Marcus Meissner	Details \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 1 Marcus Meissner 2023-12-04 09:44:10 UTC

Created attachment 871125 [details]
0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch

0001-Xi-allocate-enough-XkbActions-for-our-buttons.patch

Comment 2 Stefan Dirsch 2023-12-04 19:31:00 UTC

I've just submitted xorg-x11-server and xwayland updates for sle15-sp5,sp4,sp2 and sle12-sp5. Unfortunately I'm already on vacation on CRD next wekk. I'll update devel project X11:XOrg, factory/TW, SP6 and ALP when I'm back on January 8th.

Comment 6 Marcus Meissner 2023-12-13 09:03:58 UTC

public

CVE-2023-6377 has following references:
        CVE-2023-6377: https://www.cve.org/CVERecord?id=CVE-2023-6377

        https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd: https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd
        https://lists.x.org/archives/xorg-announce/2023-December/003435.html: https://lists.x.org/archives/xorg-announce/2023-December/003435.html

Comment 9 OBSbugzilla Bot 2023-12-13 10:45:02 UTC

This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1132832 Factory / xwayland
https://build.opensuse.org/request/show/1132834 Factory / xorg-x11-server

Comment 11 Joan Torres 2023-12-13 12:07:41 UTC

Hi Thomas.
I've just updated the fix for:
* SLE-15-SP5
* SLE-15-SP4
* SLE-15-SP2
* SLE-12-SP5

And also it's added to:
* openSUSE:Factory
* SLE-15-SP6
* ALP

Comment 13 Thomas Leroy 2023-12-13 14:06:20 UTC

(In reply to Joan Torres from comment #11)
> Hi Thomas.
> I've just updated the fix for:
> * SLE-15-SP5
> * SLE-15-SP4
> * SLE-15-SP2
> * SLE-12-SP5
> 
> And also it's added to:
> * openSUSE:Factory
> * SLE-15-SP6
> * ALP

Thanks for your quick move Joan. I got confirmation from X.Org maintainers that the first fix was incomplete, and not introducing a regression, so we released Stefan's SRs with patch v1. The SRs were also correctly fixing CVE-2023-6478.
Therefore, your very new SRs are now broken... Could you please re-submit for
* SLE-15-SP5
* SLE-15-SP4
* SLE-15-SP2
* SLE-12-SP5
again please? :)

Comment 14 Joan Torres 2023-12-13 16:21:16 UTC

(In reply to Thomas Leroy from comment #13)
> Thanks for your quick move Joan. I got confirmation from X.Org maintainers
> that the first fix was incomplete, and not introducing a regression, so we
> released Stefan's SRs with patch v1. The SRs were also correctly fixing
> CVE-2023-6478.
> Therefore, your very new SRs are now broken... Could you please re-submit for
> * SLE-15-SP5
> * SLE-15-SP4
> * SLE-15-SP2
> * SLE-12-SP5
> again please? :)

Done.

Comment 15 Maintenance Automation 2023-12-13 16:30:31 UTC

SUSE-SU-2023:4792-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.23.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xwayland-21.1.4-150400.3.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 Maintenance Automation 2023-12-13 16:30:35 UTC

SUSE-SU-2023:4791-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.32.1
Basesystem Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.32.1
Development Tools Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.32.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 17 Maintenance Automation 2023-12-13 16:30:38 UTC

SUSE-SU-2023:4790-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.59.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Maintenance Automation 2023-12-13 16:30:40 UTC

SUSE-SU-2023:4789-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.82.1
SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.82.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Maintenance Automation 2023-12-13 16:30:42 UTC

SUSE-SU-2023:4788-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.8.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Maintenance Automation 2023-12-13 16:30:44 UTC

SUSE-SU-2023:4787-1: An update that solves two vulnerabilities can now be installed.

Category: security (important)
Bug References: 1217765, 1217766
CVE References: CVE-2023-6377, CVE-2023-6478
Sources used:
openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.10.1
Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.10.1
Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Maintenance Automation 2023-12-20 12:30:04 UTC

SUSE-SU-2023:4926-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.26.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xwayland-21.1.4-150400.3.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Maintenance Automation 2023-12-20 12:30:06 UTC

SUSE-SU-2023:4925-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.13.1
Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.13.1
Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Maintenance Automation 2023-12-20 20:30:18 UTC

SUSE-SU-2023:4935-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.62.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Maintenance Automation 2023-12-20 20:30:20 UTC

SUSE-SU-2023:4934-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.85.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.85.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Maintenance Automation 2023-12-20 20:30:23 UTC

SUSE-SU-2023:4933-1: An update that has one security fix can now be installed.

Category: security (important)
Bug References: 1217765
Sources used:
openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.11.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Maintenance Automation 2023-12-22 08:30:24 UTC

SUSE-SU-2023:4949-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1217765
CVE References: CVE-2023-6377
Sources used:
Basesystem Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.35.1
Development Tools Module 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.35.1
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.35.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Stefan Dirsch 2024-01-06 20:51:29 UTC

Reassigning to security team.

Comment 30 OBSbugzilla Bot 2024-01-16 23:35:05 UTC

This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1139316 Factory / xwayland

Comment 32 OBSbugzilla Bot 2024-01-17 11:35:01 UTC

This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1139423 Factory / xwayland

Comment 36 OBSbugzilla Bot 2024-02-12 10:45:08 UTC

This is an autogenerated message for OBS integration:
This bug (1217765) was mentioned in
https://build.opensuse.org/request/show/1146120 Factory / xorg-x11-server

Comment 40 Carlos López 2024-05-28 11:52:57 UTC

Done, closing.