Commit ba1d14f8 authored by Matthieu Herrb, committed by José Expósito

xkb: Fix buffer overflow in _XkbSetCompatMap()


The _XkbSetCompatMap() function attempts to resize the `sym_interpret`
buffer.

However, it didn't update its size properly. It updated `num_si` only,
without updating `size_si`.

This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).

CVE-2024-9632, ZDI-CAN-24756

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Tested-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: José Expósito <jexposit@redhat.com>
(cherry picked from commit 85b77657)

Part-of: <!1734>
parent e3e14369
1 merge request: !1734 Fix for CVE-2024-9632 + bump to v21.1.14
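
The bookkeeping error named in the commit message, as an added example that is not code from the X server or from this commit: a simplified model in which only `sym_interpret`, `num_si` and `size_si` come from the page, and `CompatModel`, `actual` and every function name are hypothetical. It assumes later code treats `size_si` as the allocated capacity, and shows the invariant a resize has to preserve.

```c
#include <stdio.h>
#include <stdlib.h>
/* Simplified model, NOT the X server's structures: the three fields named in
 * the commit message plus `actual`, the real allocation (demo ground truth). */
typedef struct { unsigned char data[16]; } SymInterp;  /* hypothetical element */
typedef struct {
    SymInterp *sym_interpret;
    unsigned short num_si;   /* entries in use */
    unsigned short size_si;  /* entries the code believes are allocated */
    size_t actual;           /* entries really allocated */
} CompatModel;
static int do_realloc(CompatModel *c, unsigned short n) {
    SymInterp *p = realloc(c->sym_interpret, (n ? n : 1) * sizeof *p);
    if (!p) return -1;
    c->sym_interpret = p;
    c->actual = n;
    return 0;
}
/* Pattern described in the commit message: num_si updated, size_si left stale. */
static int resize_count_only(CompatModel *c, unsigned short n) {
    if (do_realloc(c, n) != 0) return -1;
    c->num_si = n;
    return 0;
}
/* Corrected pattern: both bookkeeping fields follow the buffer. */
static int resize_both(CompatModel *c, unsigned short n) {
    if (do_realloc(c, n) != 0) return -1;
    c->num_si = n;
    c->size_si = n;
    return 0;
}
/* Invariant worth asserting after every resize. */
static int consistent(const CompatModel *c) {
    return c->num_si <= c->size_si && c->size_si <= c->actual;
}
/* Assumption: later code trusts size_si and skips reallocating when need <= size_si. */
static int stale_size_hides_growth(const CompatModel *c, unsigned short need) {
    return need <= c->size_si && need > c->actual;
}
/* Start at 8 entries, resize to 2, then ask about 6.
 * Bit 0: invariant broken; bit 1: a needed reallocation would be skipped. */
static int scenario(int fixed) {
    CompatModel c = { calloc(8, sizeof(SymInterp)), 8, 8, 8 };
    if (!c.sym_interpret) return -1;
    int rc = (fixed ? resize_both : resize_count_only)(&c, 2);
    int r = rc ? -1 : (!consistent(&c)) | (stale_size_hides_growth(&c, 6) << 1);
    free(c.sym_interpret);
    return r;
}
int main(void) { printf("count-only=%d both=%d\n", scenario(0), scenario(1)); return 0; }
```

The model never writes past the buffer; it only reports that the count-only resize leaves `size_si` larger than the real allocation, which is the state a debug assertion on the invariant would catch.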