Bugzilla – Bug 1222442
[20240404] Xorg crash running Android studio
Last modified: 2024-07-12 13:35:06 UTC
Since snapshot 20240404 and the upgrade of xorg-x11-server (21.1.11 -> 21.1.12), starting Android Studio crashes Xorg hard every time. Most specifically, I am using Android Studio Koala | 2024.1.1 Canary 3, which can be downloaded here: https://developer.android.com/studio/preview. I would not be surprised if this crash happens with other Jetbrains IDEs but I have not tried. I triggered 2 crashes, both of which killed the Xorg process. The first crash had a crash stack in journalctl while the other did not:

    Apr 08 10:06:11 p72 systemd-coredump[16070]: [🡕] Process 11338 (Xorg.bin) of user 1000 dumped core.

    Stack trace of thread 11338:
    #0  0x00007f63b22949ec __pthread_kill_implementation (libc.so.6 + 0x949ec)
    #1  0x00007f63b2241176 raise (libc.so.6 + 0x41176)
    #2  0x00007f63b2228917 abort (libc.so.6 + 0x28917)
    #3  0x0000555e1e464efc n/a (/usr/bin/Xorg.bin + 0x1dbefc)
    #4  0x00007ffee9bf4ba0 n/a (n/a + 0x0)
    ELF object binary architecture: AMD x86-64

Reverting to 21.1.11 fixes that issue and I have added a lock for package xorg-x11-server for the time being.
> #2 0x00007f63b2228917 abort (libc.so.6 + 0x28917)

Aborts usually have a preceding error message. Depending on the display manager used, that should be somewhere in ~/.local or /var/log/Xorg.*.log
I need to make it crash again to generate a Xorg log with more info. I will do that later as I need my laptop functioning at the moment. I am also a bit wary of making it crash again as it drops me to the vconsole with no key working (out of 3 crashes, this happened twice), and I have to do an unclean shutdown of the laptop long-pressing its power button. For info, I am starting Xorg with startx which is unusual.
Also of note, there is a coredump that was generated (in only 1 of the 3 crashes) but coredumpctl says it is inaccessible while the file exists:

    Storage: /var/lib/systemd/coredump/core.Xorg\x2ebin.1000.140a9d06219f4ea99ea51127a7f00da7.11338.1712563570000000.zst (inaccessible)
    Message: Process 11338 (Xorg.bin) of user 1000 dumped core.

    Stack trace of thread 11338:
    #0  0x00007f63b22949ec __pthread_kill_implementation (libc.so.6 + 0x949ec)
    #1  0x00007f63b2241176 raise (libc.so.6 + 0x41176)
    #2  0x00007f63b2228917 abort (libc.so.6 + 0x28917)
    #3  0x0000555e1e464efc n/a (/usr/bin/Xorg.bin + 0x1dbefc)
    #4  0x00007ffee9bf4ba0 n/a (n/a + 0x0)
    ELF object binary architecture: AMD x86-64

The filename has a weird escaped character with \x, but the file does exist:

    /var/log> ll /var/lib/systemd/coredump/core.Xorg\\x2ebin.1000.140a9d06219f4ea99ea51127a7f00da7.11338.1712563570000000.zst
    -rw-r----- 1 root root 6.1M Apr  8 10:06 '/var/lib/systemd/coredump/core.Xorg\x2ebin.1000.140a9d06219f4ea99ea51127a7f00da7.11338.1712563570000000.zst'
No idea. First bisect to test here (still building):

    -------------------------------------------------------------------
    Mon Apr  8 09:32:11 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - git bisect between 21.1.11 and 21.1.12
      Bisecting: 4 revisions left to test after this (roughly 2 steps)
      [5ca3a95135d9c89753e2af19da5a2615ea2be1c3] Xext: SProcSyncCreateFence needs to swap drawable id too

--> https://build.opensuse.org/project/show/home:sndirsch:branches:X11:XOrg
Stefan, your package is not crashing (manually installed xorg-x11-server-21.1.11-749.1.x86_64.rpm). I have also switched to using the regular SDDM for troubleshooting, with the advantage of being dropped to the SDDM login when it crashes (rather than having to hard reboot due to the issue I mentioned). Here are the relevant crash lines in Xorg.0.log:

    [   126.867] (EE)
    [   126.867] (EE) Backtrace:
    [   126.867] (EE) 0: /usr/bin/Xorg.bin (xorg_backtrace+0x7e) [0x56165c485b8e]
    [   126.868] (EE) 1: /usr/bin/Xorg.bin (0x56165c2af000+0x1df5f9) [0x56165c48e5f9]
    [   126.868] (EE) 2: /lib64/libc.so.6 (0x7f908e600000+0x41240) [0x7f908e641240]
    [   126.868] (EE) 3: /lib64/libc.so.6 (0x7f908e600000+0x949ec) [0x7f908e6949ec]
    [   126.868] (EE) 4: /lib64/libc.so.6 (gsignal+0x18) [0x7f908e641176]
    [   126.868] (EE) 5: /lib64/libc.so.6 (abort+0xd9) [0x7f908e628917]
    [   126.868] (EE) 6: /lib64/libc.so.6 (0x7f908e600000+0x297e8) [0x7f908e6297e8]
    [   126.868] (EE) 7: /lib64/libc.so.6 (0x7f908e600000+0x9f3c7) [0x7f908e69f3c7]
    [   126.868] (EE) 8: /lib64/libc.so.6 (malloc+0x2fe) [0x7f908e6a3cdc]
    [   126.868] (EE) 9: /usr/bin/Xorg.bin (0x56165c2af000+0x13536d) [0x56165c3e436d]
    [   126.868] (EE) 10: /usr/bin/Xorg.bin (0x56165c2af000+0x140b8a) [0x56165c3efb8a]
    [   126.868] (EE) 11: /usr/bin/Xorg.bin (0x56165c2af000+0x4d707) [0x56165c2fc707]
    [   126.868] (EE) 12: /lib64/libc.so.6 (0x7f908e600000+0x2a1f0) [0x7f908e62a1f0]
    [   126.868] (EE) 13: /lib64/libc.so.6 (__libc_start_main+0x8b) [0x7f908e62a2b9]
    [   126.868] (EE) 14: /usr/bin/Xorg.bin (_start+0x27) [0x56165c2fca35]
    [   126.868] (EE)
    [   126.868] (EE) Fatal server error:
    [   126.868] (EE) Caught signal 6 (Aborted). Server aborting
Thanks. Next bisect to test here (still building):

    -------------------------------------------------------------------
    Mon Apr  8 10:45:01 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - git bisect between 21.1.11 and 21.1.12 (continued)
      Bisecting: 2 revisions left to test after this (roughly 1 step)
      [cea92ca78f900bfb4c9a5540dfd631e065b9151b] Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply
No crash again with this new version (750)
Thanks. Next bisect to test here (still building):

    -------------------------------------------------------------------
    Mon Apr  8 13:30:47 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - git bisect between 21.1.11 and 21.1.12 (continued)
      Bisecting: 0 revisions left to test after this (roughly 1 step)
      [1173156404be826f50f453ca11bda28ccb5a5268] render: fix refcounting of glyphs during ProcRenderAddGlyphs
This one (751) is crashing.
Thanks. Last bisect to test here (still building):

    -------------------------------------------------------------------
    Mon Apr  8 14:39:44 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - git bisect between 21.1.11 and 21.1.12 (continued)
      Bisecting: 0 revisions left to test after this (roughly 0 steps)
      [0e34d8ebc98a0ba6f9f0a2f8f5045761bccc45d3] Xquartz: ProcAppleDRICreatePixmap needs to use unswapped length to send reply
Last one (752) does not crash. I could test that both Android Studio Koala and Iguana crash, but not Intellij IDEA community. Weird issue for sure.
^ meant "both Android Studio Koala and Iguana make Xorg crash".
    git bisect good
    1173156404be826f50f453ca11bda28ccb5a5268 is the first bad commit
    commit 1173156404be826f50f453ca11bda28ccb5a5268
    Author: Peter Hutterer <peter.hutterer@who-t.net>
    Date:   Tue Jan 30 13:13:35 2024 +1000

        render: fix refcounting of glyphs during ProcRenderAddGlyphs

        Previously, AllocateGlyph would return a new glyph with refcount=0 and a
        re-used glyph would end up not changing the refcount at all. The resulting
        glyph_new array would thus have multiple entries pointing to the same
        non-refcounted glyphs.

        AddGlyph may free a glyph, resulting in a UAF when the same glyph pointer
        is then later used.

        Fix this by returning a refcount of 1 for a new glyph and always
        incrementing the refcount for a re-used glyph, followed by dropping that
        refcount back down again when we're done with it.

        CVE-2024-31083, ZDI-CAN-22880

        This vulnerability was discovered by:
        Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

        Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
        (cherry picked from commit bdca6c3d1f5057eeb31609b1280fc93237b00c77)

     render/glyph.c    |  5 +++--
     render/glyphstr.h |  2 ++
     render/render.c   | 15 +++++++++++----
     3 files changed, 16 insertions(+), 6 deletions(-)
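A constructed model of the ownership rule that commit message states, added here and not taken from the xserver tree: the table, glyph_new, add_glyph and run_request names, and the assumption that the server's table releases an unowned duplicate on the spot, are this model's own.

```c
/* Constructed model of the refcount rule in the commit message above; not
 * xserver code. A request fills a glyph_new-style array, hands each entry to
 * the server's glyph table, uses the entries again, then tears the array down.
 * Old rule: new glyph starts at refcount 0, re-used glyph is not counted.
 * Fixed rule: new glyph starts at 1, re-used glyph gets +1, array drops its refs. */
#include <stdlib.h>
#include <string.h>

typedef struct Glyph {
    int refcnt;
    int released;     /* set instead of calling free(), so misuse stays observable */
    char content[8];
} Glyph;

#define SLOTS 4
static Glyph *table[SLOTS];       /* glyphs the server already holds, one per content */
static Glyph *glyph_new[SLOTS];   /* the request's array */

static Glyph *table_find(const char *content) {
    for (int i = 0; i < SLOTS; i++)
        if (table[i] && strcmp(table[i]->content, content) == 0) return table[i];
    return NULL;
}

static void glyph_release(Glyph *g) { g->released = 1; }   /* stands in for free() */
static void glyph_unref(Glyph *g) { if (!g->released && --g->refcnt == 0) glyph_release(g); }

static Glyph *allocate_glyph(const char *content, int fixed) {
    Glyph *g = table_find(content);
    if (g) { if (fixed) g->refcnt++; return g; }           /* re-used glyph */
    g = calloc(1, sizeof *g); if (!g) abort();
    strncpy(g->content, content, sizeof g->content - 1);
    g->refcnt = fixed ? 1 : 0;                             /* new glyph */
    return g;
}

/* Model assumption: an equivalent glyph already in the table wins, and a
 * submitted duplicate that nobody owns (refcount 0) is released on the spot.
 * That is the "AddGlyph may free a glyph" the commit message refers to. */
static void add_glyph(Glyph *g) {
    Glyph *have = table_find(g->content);
    if (have) { if (have != g && g->refcnt == 0) glyph_release(g); return; }
    for (int i = 0; i < SLOTS; i++) if (!table[i]) { table[i] = g; break; }
    g->refcnt++;                                           /* the table's own reference */
}

/* Runs one request under the chosen rule and returns how many array entries
 * were used after being released; 0 is the only acceptable answer. */
static int run_request(const char *const *contents, int n, int fixed) {
    int bad = 0;
    for (int i = 0; i < n; i++) glyph_new[i] = allocate_glyph(contents[i], fixed);
    for (int i = 0; i < n; i++) add_glyph(glyph_new[i]);
    for (int i = 0; i < n; i++) if (glyph_new[i]->released) bad++;  /* the later use */
    if (fixed) for (int i = 0; i < n; i++) glyph_unref(glyph_new[i]);
    return bad;
}

/* Fresh table for each scenario. Glyph memory is intentionally never freed. */
static void reset_model(void) { memset(table, 0, sizeof table); memset(glyph_new, 0, sizeof glyph_new); }
```

A request naming the same new glyph twice is the case that separates the two rules: under the old rule the second entry is released by the table while the array still points at it, under the fixed rule each entry keeps the glyph alive until the array drops its reference and every table glyph ends at exactly one reference.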
(In reply to Michael Pujos from comment #11)
> Last one (752) does not crash.
>
> I could test that both Android Studio Koala and Iguana crash, but not
> Intellij IDEA community. Weird issue for sure.

Now I'm totally confused. You say it doesn't crash, but then that it does crash with Koala and Iguana. But not with Intellij IDEA community. For which programs were the previous results? Results need to be consistent.

(In reply to Michael Pujos from comment #12)
> ^ meant "both Android Studio Koala and Iguana make Xorg crash".

I think that Xorg crashes here and not the user application was clear anyway.
Of course I cannot just revert a security patch ...
I mean that I have this issue only with Android Studio (Koala and Iguana) but not Intellij IDEA Community edition. To make it 100% clear:

- Android Studio (both Koala and Iguana) makes Xorg crash only with test build version 751 (and of course the current TW xorg version)
- Intellij IDEA Community edition never causes Xorg to crash

I also tested Intellij IDEA because Android Studio is based on it.
Thanks. This makes it consistent again. I will do a last step, i.e. go back to the original tarball and revert this one patch. And let you test this as well. Just to double check it's this one commit.
Please test to double check if the patch is really the culprit. Packages are still rebuilding though.

    -------------------------------------------------------------------
    Mon Apr  8 17:06:12 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - back to 21.1.12 tarball
    - reverse apply U_render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch
      to fix regression caused by security fix for CVE-2024-31083
      (bsc#1222312, boo#1222442)
> I am also a bit wary of making it crash again as it drops me to the vconsole with no key working

Start sshd, and use it to issue safe reboots or e.g. `systemctl restart xdm` to just restart Xorg.
(In reply to Stefan Dirsch from comment #18)
> Please test to double check if the patch is really the culprit. Packages are
> still rebuilding though.

Confirming that package is fine and does not crash.

Should I report that issue to the xorg issue tracker? Maybe they will have a hint about what it could be or an idea how to further debug it?

(In reply to Jan Engelhardt from comment #19)
> Start sshd, and use it to issue safe reboots or e.g. `systemctl restart xdm`
> to just restart Xorg.

That's what I would usually do, but I do not have access to a separate PC at the moment. Anyway, I switched to using SDDM instead of startx (which is unusual, not recommended, etc.) and it recovers nicely on Xorg crash (back to SDDM login).
(In reply to Michael Pujos from comment #20)
> (In reply to Stefan Dirsch from comment #18)
> > Please test to double check if the patch is really the culprit. Packages are
> > still rebuilding though.
>
> Confirming that package is fine and does not crash.
> Should I report that issue to the xorg issue tracker ? Maybe they will have
> a hint about what it could be or an idea how to further debug it ?

It would be perfect if you could do this, since only you can reproduce the issue. I would subscribe to the issue then. I could apply patches and build packages for testing if needed.
I could finally get a detailed stack trace in gdb:

    #0  0x00007f03c5c949ec in __pthread_kill_implementation () at /lib64/libc.so.6
    #1  0x00007f03c5c41176 in raise () at /lib64/libc.so.6
    #2  0x00007f03c5c28917 in abort () at /lib64/libc.so.6
    #3  0x0000561d2962eefc in OsAbort () at ../../os/utils.c:1361
    #4  0x0000561d2962ff5f in AbortServer () at ../../os/log.c:879
    #5  FatalError (f=f@entry=0x561d2965b308 "Caught signal %d (%s). Server aborting\n") at ../../os/log.c:1017
    #6  0x0000561d29632652 in OsSigHandler (unused=<optimized out>, sip=<optimized out>, signo=6) at ../../os/osinit.c:156
    #7  OsSigHandler (signo=6, sip=<optimized out>, unused=<optimized out>) at ../../os/osinit.c:110
    #8  0x00007f03c5c41240 in <signal handler called> () at /lib64/libc.so.6
    #9  0x00007f03c5c949ec in __pthread_kill_implementation () at /lib64/libc.so.6
    #10 0x00007f03c5c41176 in raise () at /lib64/libc.so.6
    #11 0x00007f03c5c28917 in abort () at /lib64/libc.so.6
    #12 0x00007f03c5c297e8 in _IO_peekc_locked.cold () at /lib64/libc.so.6
    #13 0x00007f03c5c9f3c7 in () at /lib64/libc.so.6
    #14 0x00007f03c5ca3cdc in malloc () at /lib64/libc.so.6
    #15 0x0000561d2958836d in AllocateGlyph (gi=0x561d2b58339c, fdepth=<optimized out>) at ../../render/glyph.c:355
    #16 0x0000561d29593b8a in ProcRenderAddGlyphs (client=<optimized out>) at ../../render/render.c:1085
    #17 0x0000561d294a0707 in Dispatch () at ../../dix/dispatch.c:550
    #18 dix_main (envp=<optimized out>, argv=0x7fffca74c508, argc=<optimized out>) at ../../dix/main.c:276
    #19 main (argc=<optimized out>, argv=0x7fffca74c508, envp=<optimized out>) at ../../dix/stubmain.c:34
    (gdb) frame 15
    #15 0x0000561d2958836d in AllocateGlyph (gi=0x561d2b58339c, fdepth=<optimized out>) at ../../render/glyph.c:355
    355         glyph = (GlyphPtr) malloc(size);

So it is crashing in malloc() triggered from AllocateGlyph(). I would not be surprised if it is caused by a double free() or something caused by the relevant CVE patch. Will open a bug on the Xorg bug tracker.
Urgh. Just as I was about to open a bug report, I found this commit from 1h ago that likely fixes that issue: https://gitlab.freedesktop.org/xorg/xserver/-/commit/337d8d48b618d4fc0168a7b978be4c3447650b04

Can you generate a new test version with it?
And it had already been reported, but I totally missed it because the title does not mention Android Studio / Jetbrains / Intellij: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659
Thanks a lot for finding this! Please test to check if the patch is really fixing it. Packages are still rebuilding though.

    -------------------------------------------------------------------
    Tue Apr  9 09:35:08 UTC 2024 - Stefan Dirsch <sndirsch@suse.com>

    - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
      * fixes regression for security fix for CVE-2024-31083
        (bsc#1222312, boo#1222442, gitlab xserver issue #1659)
    - no longer reverse apply
      U_render-fix-refcounting-of-glyphs-during-ProcRenderAd.patch
Confirming the new patched version does not crash. Since this bug cannot be left unpatched, it seems that there will be new official versions for xorg-xserver and xwayland, so maybe it is best to wait for that?: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests
Thanks for confirmation. The remaining stuff needs to be done by me I'm afraid.
This is an autogenerated message for OBS integration: This bug (1222442) was mentioned in https://build.opensuse.org/request/show/1166666 Factory / xorg-x11-server
Closing as fixed.
SUSE-SU-2024:1265-1: An update that solves three vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1222309, 1222310, 1222312, 1222442
CVE References: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33215](https://smelt.suse.de/incident/33215/)
Sources used:
openSUSE Leap 15.4 (src): xwayland-21.1.4-150400.3.36.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xwayland-21.1.4-150400.3.36.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1264-1: An update that solves three vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1222309, 1222310, 1222312, 1222442
CVE References: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33216](https://smelt.suse.de/incident/33216/)
Sources used:
openSUSE Leap 15.5 (src): xwayland-22.1.5-150500.7.22.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xwayland-22.1.5-150500.7.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1263-1: An update that solves one vulnerability and has one security fix can now be installed.

Category: security (important)
Bug References: 1222312, 1222442
CVE References: CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33344](https://smelt.suse.de/incident/33344/)
Sources used:
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): xorg-x11-server-1.19.6-10.74.1
SUSE Linux Enterprise Server 12 SP5 (src): xorg-x11-server-1.19.6-10.74.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): xorg-x11-server-1.19.6-10.74.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): xorg-x11-server-1.19.6-10.74.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1262-1: An update that solves four vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1222309, 1222310, 1222311, 1222312, 1222442
CVE References: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33214](https://smelt.suse.de/incident/33214/)
Sources used:
openSUSE Leap 15.5 (src): xorg-x11-server-21.1.4-150500.7.26.1
Basesystem Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.26.1
Development Tools Module 15-SP5 (src): xorg-x11-server-21.1.4-150500.7.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1261-1: An update that solves four vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1222309, 1222310, 1222311, 1222312, 1222442
CVE References: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33212](https://smelt.suse.de/incident/33212/)
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): xorg-x11-server-1.20.3-150200.22.5.96.1
SUSE Enterprise Storage 7.1 (src): xorg-x11-server-1.20.3-150200.22.5.96.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1260-1: An update that solves four vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1222309, 1222310, 1222311, 1222312, 1222442
CVE References: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083
Maintenance Incident: [SUSE:Maintenance:33213](https://smelt.suse.de/incident/33213/)
Sources used:
openSUSE Leap 15.4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Manager Proxy 4.3 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Manager Retail Branch Server 4.3 (src): xorg-x11-server-1.20.3-150400.38.48.1
SUSE Manager Server 4.3 (src): xorg-x11-server-1.20.3-150400.38.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration: This bug (1222442) was mentioned in https://build.opensuse.org/request/show/1186897 Factory / xwayland
This is an autogenerated message for OBS integration: This bug (1222442) was mentioned in https://build.opensuse.org/request/show/1187080 Factory / xwayland