diff options
author | Vijay Anusuri <vanusuri@mvista.com> | 2023-11-06 21:04:23 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-11-08 11:00:09 +0000 |
commit | a193c0224a4100f2e75bfff40b0832758affeb45 (patch) | |
tree | a00ae88887cedac9de81d8aa573c13d68bd52af5 /meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch | |
parent | 1c135f1d7af041167555fe1a368b56799bb89cf9 (diff) | |
download | poky-a193c0224a4100f2e75bfff40b0832758affeb45.tar.gz |
xserver-xorg: Fix for CVE-2023-5574
Upstream-Status: Backport
[https://gitlab.freedesktop.org/xorg/xserver/-/commit/1953f460b9ad1a9cdf0fcce70f6ad3310b713d5f
&
https://gitlab.freedesktop.org/xorg/xserver/-/commit/b6fe3f924aecac6d6e311673511ce61aa2f7a81f
&
https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab2c58ba4719fc31c19c7829b06bdba8a88bd586]
(From OE-Core rev: 9291d7e7aca8ff93d036770e4fb42901c3ea1d60)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch')
-rw-r--r-- | meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch new file mode 100644 index 0000000000..2cdef752c7 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5574-2.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | From b6fe3f924aecac6d6e311673511ce61aa2f7a81f Mon Sep 17 00:00:00 2001 | ||
2 | From: Peter Hutterer <peter.hutterer@who-t.net> | ||
3 | Date: Thu, 12 Oct 2023 12:42:06 +1000 | ||
4 | Subject: [PATCH] mi: fix CloseScreen initialization order | ||
5 | |||
6 | If SHM is enabled it will set the CloseScreen pointer, only to be | ||
7 | overridden by the hardcoded miCloseScreen pointer. Do this the other way | ||
8 | round, miCloseScreen is the bottom of our stack. | ||
9 | |||
10 | Direct leak of 48 byte(s) in 2 object(s) allocated from: | ||
11 | #0 0x7f5ea3ad8cc7 in calloc (/lib64/libasan.so.8+0xd8cc7) (BuildId: d8f3addefe29e892d775c30eb364afd3c2484ca5)) | ||
12 | #1 0x70adfb in ShmInitScreenPriv ../Xext/shm.c:213 | ||
13 | |||
14 | Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> | ||
15 | Reviewed-by: Adam Jackson <ajax@redhat.com> | ||
16 | |||
17 | Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/b6fe3f924aecac6d6e311673511ce61aa2f7a81f] | ||
18 | CVE: CVE-2023-5574 | ||
19 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
20 | --- | ||
21 | mi/miscrinit.c | 2 +- | ||
22 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
23 | |||
24 | diff --git a/mi/miscrinit.c b/mi/miscrinit.c | ||
25 | index 3bb52b1bc6..b88938c9ae 100644 | ||
26 | --- a/mi/miscrinit.c | ||
27 | +++ b/mi/miscrinit.c | ||
28 | @@ -249,10 +249,10 @@ miScreenInit(ScreenPtr pScreen, void *pbits, /* pointer to screen bits */ | ||
29 | pScreen->numVisuals = numVisuals; | ||
30 | pScreen->visuals = visuals; | ||
31 | if (width) { | ||
32 | + pScreen->CloseScreen = miCloseScreen; | ||
33 | #ifdef MITSHM | ||
34 | ShmRegisterFbFuncs(pScreen); | ||
35 | #endif | ||
36 | - pScreen->CloseScreen = miCloseScreen; | ||
37 | } | ||
38 | /* else CloseScreen */ | ||
39 | /* QueryBestSize */ | ||
40 | -- | ||
41 | GitLab | ||
42 | |||