Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-31082 (GCVE-0-2024-31082)
Vulnerability from cvelistv5 – Published: 2024-04-04 13:48 – Updated: 2025-11-20 07:19
VLAI
EPSS
Title
Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap
Summary
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
Severity
7.3 (High)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2024-31082 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2271999 | issue-trackingx_refsource_REDHAT |
| https://lists.x.org/archives/xorg-announce/2024-A… |
Impacted products
14 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
1.12.0 , < 21.1.12
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2024-04-03 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T15:13:28.884475Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T15:13:40.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:03.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"name": "RHBZ#2271999",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
"defaultStatus": "unaffected",
"packageName": "xorg-server",
"repo": "https://gitlab.freedesktop.org/xorg/xserver/",
"versions": [
{
"lessThan": "21.1.12",
"status": "affected",
"version": "1.12.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server-Xwayland",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server-Xwayland",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "xorg-x11-server-Xwayland",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2024-04-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T07:19:02.338Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"name": "RHBZ#2271999",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
},
{
"url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-28T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-04-03T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap",
"x_redhatCweChain": "CWE-126: Buffer Over-read"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-31082",
"datePublished": "2024-04-04T13:48:34.893Z",
"dateReserved": "2024-03-28T02:56:55.575Z",
"dateUpdated": "2025-11-20T07:19:02.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-31082",
"date": "2026-05-29",
"epss": "0.00042",
"percentile": "0.13034"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una vulnerabilidad de sobrelectura del b\\u00fafer de almacenamiento din\\u00e1mico en la funci\\u00f3n ProcAppleDRICreatePixmap() del servidor X.org. Este problema se produce cuando se utilizan valores de longitud de bytes intercambiados en las respuestas, lo que puede provocar p\\u00e9rdidas de memoria y errores de segmentaci\\u00f3n, especialmente cuando lo activa un cliente con una endianidad diferente. Un atacante podr\\u00eda aprovechar esta vulnerabilidad para hacer que el servidor X lea los valores de la memoria din\\u00e1mica y luego los transmita de vuelta al cliente hasta encontrar una p\\u00e1gina no asignada, lo que provocar\\u00eda un bloqueo. A pesar de la incapacidad del atacante para controlar la memoria espec\\u00edfica copiada en las respuestas, los peque\\u00f1os valores de longitud que normalmente se almacenan en un entero de 32 bits pueden dar como resultado importantes intentos de lecturas fuera de los l\\u00edmites.\"}]",
"id": "CVE-2024-31082",
"lastModified": "2024-11-21T09:12:49.110",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.5}]}",
"published": "2024-04-04T14:15:10.833",
"references": "[{\"url\": \"https://access.redhat.com/security/cve/CVE-2024-31082\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/12/10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-31082\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-126\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-31082\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-04-04T14:15:10.833\",\"lastModified\":\"2024-11-21T09:12:49.110\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad de sobrelectura del b\u00fafer de almacenamiento din\u00e1mico en la funci\u00f3n ProcAppleDRICreatePixmap() del servidor X.org. Este problema se produce cuando se utilizan valores de longitud de bytes intercambiados en las respuestas, lo que puede provocar p\u00e9rdidas de memoria y errores de segmentaci\u00f3n, especialmente cuando lo activa un cliente con una endianidad diferente. Un atacante podr\u00eda aprovechar esta vulnerabilidad para hacer que el servidor X lea los valores de la memoria din\u00e1mica y luego los transmita de vuelta al cliente hasta encontrar una p\u00e1gina no asignada, lo que provocar\u00eda un bloqueo. A pesar de la incapacidad del atacante para controlar la memoria espec\u00edfica copiada en las respuestas, los peque\u00f1os valores de longitud que normalmente se almacenan en un entero de 32 bits pueden dar como resultado importantes intentos de lecturas fuera de los l\u00edmites.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-31082\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/03/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/12/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-31082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/13\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/12/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-31082\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\", \"name\": \"RHBZ#2271999\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T01:46:03.895Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-31082\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-29T15:13:28.884475Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-29T15:13:37.477Z\"}}], \"cna\": {\"title\": \"Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"repo\": \"https://gitlab.freedesktop.org/xorg/xserver/\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.12.0\", \"lessThan\": \"21.1.12\", \"versionType\": \"semver\"}], \"packageName\": \"xorg-server\", \"collectionURL\": \"https://gitlab.freedesktop.org/xorg/xserver/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"xorg-x11-server-Xwayland\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"xorg-x11-server-Xwayland\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"xorg-x11-server-Xwayland\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-03-28T00:00:00.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-04-03T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-04-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2024-31082\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2271999\", \"name\": \"RHBZ#2271999\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.x.org/archives/xorg-announce/2024-April/003497.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-126\", \"description\": \"Buffer Over-read\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T07:19:02.338Z\"}, \"x_redhatCweChain\": \"CWE-126: Buffer Over-read\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-31082\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T07:19:02.338Z\", \"dateReserved\": \"2024-03-28T02:56:55.575Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-04-04T13:48:34.893Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Title
Уязвимость функции ProcAppleDRICreatePixmap() сервера X Window System Xorg-server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Description
Уязвимость функции ProcAppleDRICreatePixmap() сервера X Window System Xorg-server связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity
Vendor
Сообщество свободного программного обеспечения, ООО «Ред Софт», АО «НТЦ ИТ РОСА», X.Org Foundation, АО "НППКТ"
Software Name
Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), РОСА Кобальт (запись в едином реестре российских программ №1999), Xorg-server, XWayland, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 7.9 (РОСА Кобальт), до 21.1.12 (Xorg-server), до 23.2.5 (XWayland), до 2.10.1 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
Для Xorg-server:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee
https://lists.x.org/archives/xorg-announce/2024-April/003497.html
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2024-31081
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения xorg-server до версии 2:1.20.11-1+deb11u13.osnova1
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2482
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2483
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2482
Для ОС РОСА "КОБАЛЬТ": https://abf.rosa.ru/advisories/ROSA-SA-2024-2483
Reference
https://security-tracker.debian.org/tracker/CVE-2024-31081
https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee
https://lists.x.org/archives/xorg-announce/2024-April/003497.html
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.10.1/
https://abf.rosa.ru/advisories/ROSA-SA-2024-2482
https://abf.rosa.ru/advisories/ROSA-SA-2024-2483
https://abf.rosa.ru/advisories/ROSA-SA-2024-2482
https://abf.rosa.ru/advisories/ROSA-SA-2024-2483
CWE
CWE-126
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:P/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, X.Org Foundation, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 7.9 (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), \u0434\u043e 21.1.12 (Xorg-server), \u0434\u043e 23.2.5 (XWayland), \u0434\u043e 2.10.1 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Xorg-server:\nhttps://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee\nhttps://lists.x.org/archives/xorg-announce/2024-April/003497.html\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-31081\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f xorg-server \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:1.20.11-1+deb11u13.osnova1\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2482\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2483\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2482\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosa.ru/advisories/ROSA-SA-2024-2483",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "04.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.04.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-03109",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-31082",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Xorg-server, XWayland, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 7.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.10.1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ProcAppleDRICreatePixmap() \u0441\u0435\u0440\u0432\u0435\u0440\u0430 X Window System Xorg-server, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438, \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0435\u0439 \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-126)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ProcAppleDRICreatePixmap() \u0441\u0435\u0440\u0432\u0435\u0440\u0430 X Window System Xorg-server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://security-tracker.debian.org/tracker/CVE-2024-31081\nhttps://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee\nhttps://lists.x.org/archives/xorg-announce/2024-April/003497.html\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.10.1/\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2482\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2483\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2482\nhttps://abf.rosa.ru/advisories/ROSA-SA-2024-2483",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-126",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,3)"
}
FKIE_CVE-2024-31082
Vulnerability from fkie_nvd - Published: 2024-04-04 14:15 - Updated: 2026-04-15 00:35
Severity
Summary
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de sobrelectura del b\u00fafer de almacenamiento din\u00e1mico en la funci\u00f3n ProcAppleDRICreatePixmap() del servidor X.org. Este problema se produce cuando se utilizan valores de longitud de bytes intercambiados en las respuestas, lo que puede provocar p\u00e9rdidas de memoria y errores de segmentaci\u00f3n, especialmente cuando lo activa un cliente con una endianidad diferente. Un atacante podr\u00eda aprovechar esta vulnerabilidad para hacer que el servidor X lea los valores de la memoria din\u00e1mica y luego los transmita de vuelta al cliente hasta encontrar una p\u00e1gina no asignada, lo que provocar\u00eda un bloqueo. A pesar de la incapacidad del atacante para controlar la memoria espec\u00edfica copiada en las respuestas, los peque\u00f1os valores de longitud que normalmente se almacenan en un entero de 32 bits pueden dar como resultado importantes intentos de lecturas fuera de los l\u00edmites."
}
],
"id": "CVE-2024-31082",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-04-04T14:15:10.833",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GHSA-CM2M-F7GC-HV64
Vulnerability from github – Published: 2024-04-04 15:30 – Updated: 2024-07-14 21:30
VLAI
Details
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
Severity
7.3 (High)
{
"affected": [],
"aliases": [
"CVE-2024-31082"
],
"database_specific": {
"cwe_ids": [
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-04T14:15:10Z",
"severity": "HIGH"
},
"details": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"id": "GHSA-cm2m-f7gc-hv64",
"modified": "2024-07-14T21:30:37Z",
"published": "2024-04-04T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31082"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
},
{
"type": "WEB",
"url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-31082
Vulnerability from gsd - Updated: 2024-04-03 05:02Details
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-31082"
],
"details": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"id": "GSD-2024-31082",
"modified": "2024-04-03T05:02:25.470580Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2024-31082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xorg-server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "21.1.12"
}
]
}
}
]
}
}
]
},
"vendor_name": "n/a"
},
{
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
},
{
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
},
"vendor_name": "Fedora"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-126",
"lang": "eng",
"value": "Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2024-31082",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
}
],
"id": "CVE-2024-31082",
"lastModified": "2024-04-04T16:33:06.610",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-04-04T14:15:10.833",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2024-31082"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
}
}
}
MSRC_CVE-2024-31082
Vulnerability from csaf_microsoft - Published: 2024-04-02 07:00 - Updated: 2026-02-18 14:58Summary
Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.3 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17370-17086 | — | ||
| Unresolved product id: 19982-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31082 Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-31082.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap",
"tracking": {
"current_release_date": "2026-02-18T14:58:27.000Z",
"generator": {
"date": "2026-02-20T23:42:45.302Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-31082",
"initial_release_date": "2024-04-02T07:00:00.000Z",
"revision_history": [
{
"date": "2024-08-18T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-10-05T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
},
{
"date": "2024-12-03T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added xorg-x11-server to CBL-Mariner 2.0"
},
{
"date": "2026-02-18T14:58:27.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 xorg-x11-server 1.20.10-11",
"product": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-11",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 xorg-x11-server 1.20.10-11",
"product": {
"name": "cbl2 xorg-x11-server 1.20.10-11",
"product_id": "17370"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15",
"product": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 xorg-x11-server 1.20.10-15",
"product": {
"name": "cbl2 xorg-x11-server 1.20.10-15",
"product_id": "19982"
}
}
],
"category": "product_name",
"name": "xorg-x11-server"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-11 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 xorg-x11-server 1.20.10-11 as a component of CBL Mariner 2.0",
"product_id": "17370-17086"
},
"product_reference": "17370",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 xorg-x11-server 1.20.10-15 as a component of CBL Mariner 2.0",
"product_id": "19982-17086"
},
"product_reference": "19982",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31082",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17370-17086",
"19982-17086"
],
"known_affected": [
"17086-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31082 Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-31082.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-18T00:00:00.000Z",
"details": "1.20.10-11:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"17086-2",
"17086-1"
]
}
],
"title": "Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap"
}
]
}
OPENSUSE-SU-2024:13828-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
xorg-x11-server-21.1.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: xorg-x11-server-21.1.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the xorg-x11-server-21.1.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13828
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.6 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.6 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "xorg-x11-server-21.1.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the xorg-x11-server-21.1.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13828",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13828-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "xorg-x11-server-21.1.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13828-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-21.1.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-Xvfb-21.1.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-extra-21.1.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-sdk-21.1.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-source-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-source-21.1.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"product": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"product_id": "xorg-x11-server-wrapper-21.1.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-21.1.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-extra-21.1.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-sdk-21.1.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-source-21.1.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"product_id": "xorg-x11-server-wrapper-21.1.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-21.1.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-Xvfb-21.1.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-extra-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-extra-21.1.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-sdk-21.1.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-source-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-source-21.1.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"product": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"product_id": "xorg-x11-server-wrapper-21.1.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-21.1.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-Xvfb-21.1.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-extra-21.1.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-sdk-21.1.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-source-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-source-21.1.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.12-1.1.x86_64",
"product": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.x86_64",
"product_id": "xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-extra-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-source-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-source-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-source-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-source-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64"
},
"product_reference": "xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x"
},
"product_reference": "xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
},
"product_reference": "xorg-x11-server-wrapper-21.1.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31082"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31082",
"url": "https://www.suse.com/security/cve/CVE-2024-31082"
},
{
"category": "external",
"summary": "SUSE Bug 1222311 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-31082"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.12-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
SUSE-SU-2024:1199-1
Vulnerability from csaf_suse - Published: 2024-04-10 13:54 - Updated: 2024-04-10 13:54Summary
Security update for xorg-x11-server
Severity
Important
Notes
Title of the patch: Security update for xorg-x11-server
Description of the patch: This update for xorg-x11-server fixes the following issues:
- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).
- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).
- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).
- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).
Patchnames: SUSE-2024-1199,SUSE-SLE-SDK-12-SP5-2024-1199,SUSE-SLE-SERVER-12-SP5-2024-1199
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.6 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.6 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xorg-x11-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xorg-x11-server fixes the following issues:\n\n- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).\n- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).\n- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).\n- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1199,SUSE-SLE-SDK-12-SP5-2024-1199,SUSE-SLE-SERVER-12-SP5-2024-1199",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1199-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1199-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241199-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1199-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034927.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222309",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "self",
"summary": "SUSE Bug 1222310",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "self",
"summary": "SUSE Bug 1222311",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "self",
"summary": "SUSE Bug 1222312",
"url": "https://bugzilla.suse.com/1222312"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "Security update for xorg-x11-server",
"tracking": {
"current_release_date": "2024-04-10T13:54:58Z",
"generator": {
"date": "2024-04-10T13:54:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1199-1",
"initial_release_date": "2024-04-10T13:54:58Z",
"revision_history": [
{
"date": "2024-04-10T13:54:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.aarch64",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.aarch64",
"product_id": "xorg-x11-server-1.19.6-10.71.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.aarch64",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.aarch64",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.i586",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.i586",
"product_id": "xorg-x11-server-1.19.6-10.71.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.i586",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.i586",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.i586",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.i586",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.i586",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.i586",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.ppc64le",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.ppc64le",
"product_id": "xorg-x11-server-1.19.6-10.71.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.ppc64le",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.s390",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.s390",
"product_id": "xorg-x11-server-1.19.6-10.71.1.s390"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.s390"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.s390",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.s390",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.s390"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.s390",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.s390",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.s390x",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.s390x",
"product_id": "xorg-x11-server-1.19.6-10.71.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.s390x",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.s390x",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.19.6-10.71.1.x86_64",
"product": {
"name": "xorg-x11-server-1.19.6-10.71.1.x86_64",
"product_id": "xorg-x11-server-1.19.6-10.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"product_id": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.x86_64",
"product_id": "xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.19.6-10.71.1.x86_64",
"product": {
"name": "xorg-x11-server-source-1.19.6-10.71.1.x86_64",
"product_id": "xorg-x11-server-source-1.19.6-10.71.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.19.6-10.71.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.19.6-10.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.19.6-10.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64"
},
"product_reference": "xorg-x11-server-1.19.6-10.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-10T13:54:58Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-10T13:54:58Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31082"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31082",
"url": "https://www.suse.com/security/cve/CVE-2024-31082"
},
{
"category": "external",
"summary": "SUSE Bug 1222311 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-10T13:54:58Z",
"details": "important"
}
],
"title": "CVE-2024-31082"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-server-extra-1.19.6-10.71.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:xorg-x11-server-sdk-1.19.6-10.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-10T13:54:58Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
SUSE-SU-2024:1260-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:04 - Updated: 2024-04-12 13:04Summary
Security update for xorg-x11-server
Severity
Important
Notes
Title of the patch: Security update for xorg-x11-server
Description of the patch: This update for xorg-x11-server fixes the following issues:
- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).
- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).
- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).
- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).
Other fixes:
- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)
Patchnames: SUSE-2024-1260,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1260,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1260,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1260,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1260
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.6 (High)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.6 (High)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xorg-x11-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xorg-x11-server fixes the following issues:\n\n- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).\n- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).\n- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).\n- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).\n\nOther fixes:\n- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1260,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1260,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1260,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1260,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1260,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1260",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1260-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1260-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241260-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1260-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034963.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222309",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "self",
"summary": "SUSE Bug 1222310",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "self",
"summary": "SUSE Bug 1222311",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "self",
"summary": "SUSE Bug 1222312",
"url": "https://bugzilla.suse.com/1222312"
},
{
"category": "self",
"summary": "SUSE Bug 1222442",
"url": "https://bugzilla.suse.com/1222442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "Security update for xorg-x11-server",
"tracking": {
"current_release_date": "2024-04-12T13:04:14Z",
"generator": {
"date": "2024-04-12T13:04:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1260-1",
"initial_release_date": "2024-04-12T13:04:14Z",
"revision_history": [
{
"date": "2024-04-12T13:04:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"product": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"product_id": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"product_id": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"product_id": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.aarch64",
"product": {
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.aarch64",
"product_id": "xorg-x11-server-source-1.20.3-150400.38.48.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150400.38.48.1.i586",
"product": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.i586",
"product_id": "xorg-x11-server-1.20.3-150400.38.48.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.i586",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.i586",
"product_id": "xorg-x11-server-extra-1.20.3-150400.38.48.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.i586",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.i586",
"product_id": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.i586",
"product": {
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.i586",
"product_id": "xorg-x11-server-source-1.20.3-150400.38.48.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"product": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"product_id": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"product_id": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"product_id": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.ppc64le",
"product_id": "xorg-x11-server-source-1.20.3-150400.38.48.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"product": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"product_id": "xorg-x11-server-1.20.3-150400.38.48.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"product_id": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"product_id": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.s390x",
"product": {
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.s390x",
"product_id": "xorg-x11-server-source-1.20.3-150400.38.48.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"product": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"product_id": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"product_id": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"product_id": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.x86_64",
"product": {
"name": "xorg-x11-server-source-1.20.3-150400.38.48.1.x86_64",
"product_id": "xorg-x11-server-source-1.20.3-150400.38.48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:04:14Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:04:14Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31082"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31082",
"url": "https://www.suse.com/security/cve/CVE-2024-31082"
},
{
"category": "external",
"summary": "SUSE Bug 1222311 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:04:14Z",
"details": "important"
}
],
"title": "CVE-2024-31082"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:xorg-x11-server-sdk-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Proxy 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-1.20.3-150400.38.48.1.x86_64",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.ppc64le",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.s390x",
"SUSE Manager Server 4.3:xorg-x11-server-extra-1.20.3-150400.38.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:04:14Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
SUSE-SU-2024:1261-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:05 - Updated: 2024-04-12 13:05Summary
Security update for xorg-x11-server
Severity
Important
Notes
Title of the patch: Security update for xorg-x11-server
Description of the patch: This update for xorg-x11-server fixes the following issues:
- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).
- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).
- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).
- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).
Other fixes:
- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)
Patchnames: SUSE-2024-1261,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1261,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1261,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1261,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1261,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1261,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1261,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1261,SUSE-SLE-Product-WE-15-SP5-2024-1261,SUSE-Storage-7.1-2024-1261
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.6 (High)
Affected products
Recommended
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.6 (High)
Affected products
Recommended
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xorg-x11-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xorg-x11-server fixes the following issues:\n\n- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).\n- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).\n- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).\n- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).\n\nOther fixes:\n- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1261,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1261,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1261,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1261,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1261,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1261,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1261,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1261,SUSE-SLE-Product-WE-15-SP5-2024-1261,SUSE-Storage-7.1-2024-1261",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1261-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1261-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241261-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1261-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034962.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222309",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "self",
"summary": "SUSE Bug 1222310",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "self",
"summary": "SUSE Bug 1222311",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "self",
"summary": "SUSE Bug 1222312",
"url": "https://bugzilla.suse.com/1222312"
},
{
"category": "self",
"summary": "SUSE Bug 1222442",
"url": "https://bugzilla.suse.com/1222442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "Security update for xorg-x11-server",
"tracking": {
"current_release_date": "2024-04-12T13:05:11Z",
"generator": {
"date": "2024-04-12T13:05:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1261-1",
"initial_release_date": "2024-04-12T13:05:11Z",
"revision_history": [
{
"date": "2024-04-12T13:05:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"product": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"product_id": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.aarch64",
"product": {
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.aarch64",
"product_id": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.aarch64",
"product": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.aarch64",
"product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.i586",
"product": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.i586",
"product_id": "xorg-x11-server-1.20.3-150200.22.5.96.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.i586",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.i586",
"product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.i586",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.i586",
"product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.i586",
"product": {
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.i586",
"product_id": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.i586",
"product": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.i586",
"product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"product": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"product_id": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.ppc64le",
"product_id": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.ppc64le",
"product": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.ppc64le",
"product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"product": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"product_id": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.s390x",
"product": {
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.s390x",
"product_id": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.s390x",
"product": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.s390x",
"product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"product": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"product_id": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.x86_64",
"product": {
"name": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.x86_64",
"product_id": "xorg-x11-server-source-1.20.3-150200.22.5.96.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64",
"product": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64",
"product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31082"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31082",
"url": "https://www.suse.com/security/cve/CVE-2024-31082"
},
{
"category": "external",
"summary": "SUSE Bug 1222311 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-31082"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.96.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP5:xorg-x11-server-wayland-1.20.3-150200.22.5.96.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
SUSE-SU-2024:1262-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:05 - Updated: 2024-04-12 13:05Summary
Security update for xorg-x11-server
Severity
Important
Notes
Title of the patch: Security update for xorg-x11-server
Description of the patch: This update for xorg-x11-server fixes the following issues:
- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).
- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).
- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).
- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).
Other fixes:
- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)
Patchnames: SUSE-2024-1262,SUSE-SLE-Module-Basesystem-15-SP5-2024-1262,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1262,openSUSE-SLE-15.5-2024-1262
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.6 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.6 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xorg-x11-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xorg-x11-server fixes the following issues:\n\n- CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).\n- CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).\n- CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).\n- CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).\n\nOther fixes:\n- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1262,SUSE-SLE-Module-Basesystem-15-SP5-2024-1262,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1262,openSUSE-SLE-15.5-2024-1262",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1262-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1262-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241262-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1262-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034961.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222309",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "self",
"summary": "SUSE Bug 1222310",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "self",
"summary": "SUSE Bug 1222311",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "self",
"summary": "SUSE Bug 1222312",
"url": "https://bugzilla.suse.com/1222312"
},
{
"category": "self",
"summary": "SUSE Bug 1222442",
"url": "https://bugzilla.suse.com/1222442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "Security update for xorg-x11-server",
"tracking": {
"current_release_date": "2024-04-12T13:05:25Z",
"generator": {
"date": "2024-04-12T13:05:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1262-1",
"initial_release_date": "2024-04-12T13:05:25Z",
"revision_history": [
{
"date": "2024-04-12T13:05:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"product": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"product_id": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"product_id": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"product_id": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"product_id": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"product": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"product_id": "xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.4-150500.7.26.1.i586",
"product": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.i586",
"product_id": "xorg-x11-server-21.1.4-150500.7.26.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.i586",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.i586",
"product_id": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.i586",
"product": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.i586",
"product_id": "xorg-x11-server-extra-21.1.4-150500.7.26.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.i586",
"product": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.i586",
"product_id": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.i586"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.i586",
"product": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.i586",
"product_id": "xorg-x11-server-source-21.1.4-150500.7.26.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"product": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"product_id": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"product_id": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"product_id": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"product_id": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"product_id": "xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"product": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"product_id": "xorg-x11-server-21.1.4-150500.7.26.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"product_id": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"product": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"product_id": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"product_id": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"product": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"product_id": "xorg-x11-server-source-21.1.4-150500.7.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"product": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"product_id": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"product_id": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"product_id": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"product_id": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64",
"product": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64",
"product_id": "xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64"
},
"product_reference": "xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le"
},
"product_reference": "xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x"
},
"product_reference": "xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
},
"product_reference": "xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:25Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:25Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31082"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31082",
"url": "https://www.suse.com/security/cve/CVE-2024-31082"
},
{
"category": "external",
"summary": "SUSE Bug 1222311 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222311"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31082",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:25Z",
"details": "important"
}
],
"title": "CVE-2024-31082"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-Xvfb-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-extra-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-sdk-21.1.4-150500.7.26.1.x86_64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.aarch64",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.ppc64le",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.s390x",
"openSUSE Leap 15.5:xorg-x11-server-source-21.1.4-150500.7.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:05:25Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…