Bugzilla – Bug 1218846
VUL-0: CVE-2024-0409: xorg-x11-server,xwayland: SELinux context corruption
Last modified: 2024-02-12 10:45:12 UTC
CVE-2024-0409: SELinux context corruption Introduced in: xorg-server-1.16.0 (2014) Fixed in: xorg-server-21.1.11 and xwayland-23.2.4 Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2ef0f1116c65d5cb06d7b6d83f8a1aea702c94f7 Found by: Olivier Fourdan The Xserver uses the mechanism of "privates" to store additional data to its own objects, each private has an associate "type". Each private is allocated for the relevant size of memory that is declared at creation. The cursor structure in the Xserver goes as far as having two keys, one for the cursor itself and another one for the bits that make the cursor shape. XSELINUX also uses privates but it's a bit of a special case because it uses the same privates keys for all different objects. What happens here is that the cursor code in both Xephyr and Xwayland uses the wrong type of private at creation, using the cursor bits type with the cursor private and when initiating the cursor, the overwrites the XSELINUX context. xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.
xorg-x11-server Update done for sle15-sp5 sle15-sp4 sle15-sp2 sle12-sp5 xwayland Update done for sle15-sp5 sle15-sp4 xorg-11-server/xwayland for X11:XOrg devel project, factory/TW and ALP was done before by updating to latest release, which already included these fixes. Reassigning to security team.
SUSE-SU-2024:0165-1: An update that solves six vulnerabilities can now be installed. Category: security (important) Bug References: 1218582, 1218583, 1218584, 1218585, 1218845, 1218846 CVE References: CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886 Sources used: openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.31.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xwayland-21.1.4-150400.3.31.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0212-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1218845, 1218846 CVE References: CVE-2024-0408, CVE-2024-0409 Sources used: openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.17.1 SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.17.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0236-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1218845, 1218846 CVE References: CVE-2024-0408, CVE-2024-0409 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.68.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.68.1 SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.68.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.68.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0252-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1218845, 1218846 CVE References: CVE-2024-0408, CVE-2024-0409 Sources used: openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Manager Proxy 4.3 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Manager Retail Branch Server 4.3 (src): xorg-x11-server-1.20.3-150400.38.43.1 SUSE Manager Server 4.3 (src): xorg-x11-server-1.20.3-150400.38.43.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0251-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1218845, 1218846 CVE References: CVE-2024-0408, CVE-2024-0409 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.91.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0249-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1218845, 1218846 CVE References: CVE-2024-0408, CVE-2024-0409 Sources used: Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.21.1 Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.21.1 openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.21.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration: This bug (1218846) was mentioned in https://build.opensuse.org/request/show/1145978 Factory / xorg-x11-server
This is an autogenerated message for OBS integration: This bug (1218846) was mentioned in https://build.opensuse.org/request/show/1146120 Factory / xorg-x11-server