suse-su-2024:2776-1
Vulnerability from csaf_suse
Published
2024-08-06 12:33
Modified
2024-08-06 12:33
Summary
Security update for dri3proto, presentproto, wayland-protocols, xwayland
Notes
Title of the patch
Security update for dri3proto, presentproto, wayland-protocols, xwayland
Description of the patch
This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the following issues:
Changes in presentproto:
* update to version 1.4 (patch generated from xorgproto-2024.1 sources)
Changes in wayland-protocols:
- Update to version 1.36:
* xdg-dialog: fix missing namespace in protocol name
- Changes from version 1.35:
* cursor-shape-v1: Does not advertises the list of supported cursors
* xdg-shell: add missing enum attribute to set_constraint_adjustment
* xdg-shell: recommend against drawing decorations when tiled
* tablet-v2: mark as stable
* staging: add alpha-modifier protocol
- Update to 1.36
* Fix to the xdg dialog protocol
* tablet-v2 protocol is now stable
* alpha-modifier: new protocol
* Bug fix to the cursor shape documentation
* The xdg-shell protocol now also explicitly recommends against
drawing decorations outside of the window geometry when tiled
- Update to 1.34:
* xdg-dialog: new protocol
* xdg-toplevel-drag: new protocol
* Fix typo in ext-foreign-toplevel-list-v1
* tablet-v2: clarify that name/id events are optional
* linux-drm-syncobj-v1: new protocol
* linux-explicit-synchronization-v1: add linux-drm-syncobj note
- Update to version 1.33:
* xdg-shell: Clarify what a toplevel by default includes
* linux-dmabuf: sync changes from unstable to stable
* linux-dmabuf: require all planes to use the same modifier
* presentation-time: stop referring to Linux/glibc
* security-context-v1: Make sandbox engine names use reverse-DNS
* xdg-decoration: remove ambiguous wording in configure event
* xdg-decoration: fix configure event summary
* linux-dmabuf: mark as stable
* linux-dmabuf: add note about implicit sync
* security-context-v1: Document what can be done with the open
sockets
* security-context-v1: Document out of band metadata for flatpak
Changes in dri3proto:
* update to version 1.4 (patch generated from xorgproto-2024.1 sources)
Changes in xwayland:
- Update to bugfix release 24.1.1 for the current stable 24.1
branch of Xwayland
* xwayland: fix segment fault in `xwl_glamor_gbm_init_main_dev`
* os: Explicitly include X11/Xmd.h for CARD32 definition to fix
building on i686
* present: On *BSD, epoll-shim is needed to emulate eventfd()
* xwayland: Stop on first unmapped child
* xwayland/window-buffers: Promote xwl_window_buffer
* xwayland/window-buffers: Add xwl_window_buffer_release()
* xwayland/glamor/gbm: Copy explicit sync code to GLAMOR/GBM
* xwayland/window-buffers: Use synchronization from GLAMOR/GBM
* xwayland/window-buffers: Do not always set syncpnts
* xwayland/window-buffers: Move code to submit pixmaps
* xwayland/window-buffers: Set syncpnts for all pixmaps
* xwayland: Move xwl_window disposal to its own function
* xwayland: Make sure we do not leak xwl_window on destroy
* wayland/window-buffers: Move buffer disposal to its own function
* xwayland/window-buffers: optionally force disposal
* wayland: Force disposal of windows buffers for root on destroy
* xwayland: Check for pointer in xwl_seat_leave_ptr()
* xwayland: remove includedir from pkgconfig
- disable DPMS on sle15 due to missing proto package
- Update to feature release 24.1.0
* This fixes a couple of regressions introduced in the previous release
candidate versions along with a fix for XTEST emulation with EI.
+ xwayland: Send ei_device_frame on device_scroll_discrete
+ xwayland: Restore the ResizeWindow handler
+ xwayland: Handle rootful resize in ResizeWindow
+ xwayland: Move XRandR emulation to the ResizeWindow hook
+ xwayland: Use correct xwl_window lookup function in xwl_set_shape
- eglstreams has been dropped
- Update to bug fix relesae 23.2.7
* m4: drop autoconf leftovers
* xwayland: Send ei_device_frame on device_scroll_discrete
* xwayland: Call drmFreeDevice for dma-buf default feedback
* xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done
* dri3: Free formats in cache_formats_and_modifiers
* xwayland/glamor: Handle depth 15 in gbm_format_for_depth
* Revert 'xwayland/glamor: Avoid implicit redirection with depth 32 parent windows'
* xwayland: Check for outputs before lease devices
* xwayland: Do not remove output on withdraw if leased
- Update to 23.2.6
* This is a quick bug fix release to address a regression
introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.
- Security update 23.2.5
This release contains the 3 security fixes that actually apply to
Xwayland reported in the security advisory of April 3rd 2024
* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31083
Additionally, it also contains a couple of other fixes, a copy/paste
error in the DeviceStateNotify event and a fix to enable buttons with
pointer gestures for backward compatibility with legacy X11 clients.
- Don't provide xorg-x11-server-source
* xwayland sources are not meant for a generic server.
Patchnames
SUSE-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP5-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2776,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2776,SUSE-SLE-Product-WE-15-SP6-2024-2776,openSUSE-SLE-15.5-2024-2776,openSUSE-SLE-15.6-2024-2776
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for dri3proto, presentproto, wayland-protocols, xwayland",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the following issues:\n\nChanges in presentproto:\n\n* update to version 1.4 (patch generated from xorgproto-2024.1 sources)\n\nChanges in wayland-protocols:\n\n- Update to version 1.36:\n\n * xdg-dialog: fix missing namespace in protocol name\n\n- Changes from version 1.35:\n\n * cursor-shape-v1: Does not advertises the list of supported cursors\n * xdg-shell: add missing enum attribute to set_constraint_adjustment\n * xdg-shell: recommend against drawing decorations when tiled\n * tablet-v2: mark as stable\n * staging: add alpha-modifier protocol\n\n- Update to 1.36\n\n * Fix to the xdg dialog protocol\n * tablet-v2 protocol is now stable\n * alpha-modifier: new protocol\n * Bug fix to the cursor shape documentation\n * The xdg-shell protocol now also explicitly recommends against\n drawing decorations outside of the window geometry when tiled\n\n- Update to 1.34:\n\n * xdg-dialog: new protocol\n * xdg-toplevel-drag: new protocol\n * Fix typo in ext-foreign-toplevel-list-v1\n * tablet-v2: clarify that name/id events are optional\n * linux-drm-syncobj-v1: new protocol\n * linux-explicit-synchronization-v1: add linux-drm-syncobj note\n\n- Update to version 1.33:\n\n * xdg-shell: Clarify what a toplevel by default includes\n * linux-dmabuf: sync changes from unstable to stable\n * linux-dmabuf: require all planes to use the same modifier\n * presentation-time: stop referring to Linux/glibc\n * security-context-v1: Make sandbox engine names use reverse-DNS\n * xdg-decoration: remove ambiguous wording in configure event\n * xdg-decoration: fix configure event summary\n * linux-dmabuf: mark as stable\n * linux-dmabuf: add note about implicit sync\n * security-context-v1: Document what can be done with the open\n sockets\n * security-context-v1: Document out of band metadata for flatpak\n\nChanges in dri3proto:\n\n* update to version 1.4 (patch generated from xorgproto-2024.1 sources)\n\nChanges in xwayland:\n\n\n- Update to bugfix release 24.1.1 for the current stable 24.1\n branch of Xwayland\n\n * xwayland: fix segment fault in `xwl_glamor_gbm_init_main_dev`\n * os: Explicitly include X11/Xmd.h for CARD32 definition to fix\n building on i686\n * present: On *BSD, epoll-shim is needed to emulate eventfd()\n * xwayland: Stop on first unmapped child\n * xwayland/window-buffers: Promote xwl_window_buffer\n * xwayland/window-buffers: Add xwl_window_buffer_release()\n * xwayland/glamor/gbm: Copy explicit sync code to GLAMOR/GBM\n * xwayland/window-buffers: Use synchronization from GLAMOR/GBM\n * xwayland/window-buffers: Do not always set syncpnts\n * xwayland/window-buffers: Move code to submit pixmaps\n * xwayland/window-buffers: Set syncpnts for all pixmaps\n * xwayland: Move xwl_window disposal to its own function\n * xwayland: Make sure we do not leak xwl_window on destroy\n * wayland/window-buffers: Move buffer disposal to its own function\n * xwayland/window-buffers: optionally force disposal\n * wayland: Force disposal of windows buffers for root on destroy\n * xwayland: Check for pointer in xwl_seat_leave_ptr()\n * xwayland: remove includedir from pkgconfig\n\n- disable DPMS on sle15 due to missing proto package\n\n- Update to feature release 24.1.0\n * This fixes a couple of regressions introduced in the previous release\n candidate versions along with a fix for XTEST emulation with EI.\n + xwayland: Send ei_device_frame on device_scroll_discrete\n + xwayland: Restore the ResizeWindow handler\n + xwayland: Handle rootful resize in ResizeWindow\n + xwayland: Move XRandR emulation to the ResizeWindow hook\n + xwayland: Use correct xwl_window lookup function in xwl_set_shape\n- eglstreams has been dropped\n\n- Update to bug fix relesae 23.2.7\n * m4: drop autoconf leftovers\n * xwayland: Send ei_device_frame on device_scroll_discrete\n * xwayland: Call drmFreeDevice for dma-buf default feedback\n * xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done\n * dri3: Free formats in cache_formats_and_modifiers\n * xwayland/glamor: Handle depth 15 in gbm_format_for_depth\n * Revert \u0027xwayland/glamor: Avoid implicit redirection with depth 32 parent windows\u0027\n * xwayland: Check for outputs before lease devices\n * xwayland: Do not remove output on withdraw if leased\n\n- Update to 23.2.6\n * This is a quick bug fix release to address a regression\n introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.\n\n- Security update 23.2.5 \n\n This release contains the 3 security fixes that actually apply to\n Xwayland reported in the security advisory of April 3rd 2024\n\n * CVE-2024-31080\n * CVE-2024-31081\n * CVE-2024-31083\n\n Additionally, it also contains a couple of other fixes, a copy/paste\n error in the DeviceStateNotify event and a fix to enable buttons with\n pointer gestures for backward compatibility with legacy X11 clients.\n\n- Don\u0027t provide xorg-x11-server-source\n * xwayland sources are not meant for a generic server.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP5-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2776,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2776,SUSE-SLE-Product-WE-15-SP6-2024-2776,openSUSE-SLE-15.5-2024-2776,openSUSE-SLE-15.6-2024-2776",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2776-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2776-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242776-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2776-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019222.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219892",
"url": "https://bugzilla.suse.com/1219892"
},
{
"category": "self",
"summary": "SUSE Bug 1222309",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "self",
"summary": "SUSE Bug 1222310",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "self",
"summary": "SUSE Bug 1222312",
"url": "https://bugzilla.suse.com/1222312"
},
{
"category": "self",
"summary": "SUSE Bug 1222442",
"url": "https://bugzilla.suse.com/1222442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-31083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-31083/"
}
],
"title": "Security update for dri3proto, presentproto, wayland-protocols, xwayland",
"tracking": {
"current_release_date": "2024-08-06T12:33:59Z",
"generator": {
"date": "2024-08-06T12:33:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2776-1",
"initial_release_date": "2024-08-06T12:33:59Z",
"revision_history": [
{
"date": "2024-08-06T12:33:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"product": {
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"product_id": "dri3proto-devel-1.2-150100.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "presentproto-devel-1.3-150600.3.3.1.aarch64",
"product": {
"name": "presentproto-devel-1.3-150600.3.3.1.aarch64",
"product_id": "presentproto-devel-1.3-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "xwayland-24.1.1-150600.5.3.1.aarch64",
"product": {
"name": "xwayland-24.1.1-150600.5.3.1.aarch64",
"product_id": "xwayland-24.1.1-150600.5.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"product": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"product_id": "xwayland-devel-24.1.1-150600.5.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dri3proto-devel-1.2-150100.6.3.1.i586",
"product": {
"name": "dri3proto-devel-1.2-150100.6.3.1.i586",
"product_id": "dri3proto-devel-1.2-150100.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "presentproto-devel-1.3-150600.3.3.1.i586",
"product": {
"name": "presentproto-devel-1.3-150600.3.3.1.i586",
"product_id": "presentproto-devel-1.3-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "xwayland-24.1.1-150600.5.3.1.i586",
"product": {
"name": "xwayland-24.1.1-150600.5.3.1.i586",
"product_id": "xwayland-24.1.1-150600.5.3.1.i586"
}
},
{
"category": "product_version",
"name": "xwayland-devel-24.1.1-150600.5.3.1.i586",
"product": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.i586",
"product_id": "xwayland-devel-24.1.1-150600.5.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"product": {
"name": "wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"product_id": "wayland-protocols-devel-1.36-150600.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"product": {
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"product_id": "dri3proto-devel-1.2-150100.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "presentproto-devel-1.3-150600.3.3.1.ppc64le",
"product": {
"name": "presentproto-devel-1.3-150600.3.3.1.ppc64le",
"product_id": "presentproto-devel-1.3-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xwayland-24.1.1-150600.5.3.1.ppc64le",
"product": {
"name": "xwayland-24.1.1-150600.5.3.1.ppc64le",
"product_id": "xwayland-24.1.1-150600.5.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"product": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"product_id": "xwayland-devel-24.1.1-150600.5.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"product": {
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"product_id": "dri3proto-devel-1.2-150100.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "presentproto-devel-1.3-150600.3.3.1.s390x",
"product": {
"name": "presentproto-devel-1.3-150600.3.3.1.s390x",
"product_id": "presentproto-devel-1.3-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "xwayland-24.1.1-150600.5.3.1.s390x",
"product": {
"name": "xwayland-24.1.1-150600.5.3.1.s390x",
"product_id": "xwayland-24.1.1-150600.5.3.1.s390x"
}
},
{
"category": "product_version",
"name": "xwayland-devel-24.1.1-150600.5.3.1.s390x",
"product": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.s390x",
"product_id": "xwayland-devel-24.1.1-150600.5.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"product": {
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"product_id": "dri3proto-devel-1.2-150100.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "presentproto-devel-1.3-150600.3.3.1.x86_64",
"product": {
"name": "presentproto-devel-1.3-150600.3.3.1.x86_64",
"product_id": "presentproto-devel-1.3-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xwayland-24.1.1-150600.5.3.1.x86_64",
"product": {
"name": "xwayland-24.1.1-150600.5.3.1.x86_64",
"product_id": "xwayland-24.1.1-150600.5.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "xwayland-devel-24.1.1-150600.5.3.1.x86_64",
"product": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.x86_64",
"product_id": "xwayland-devel-24.1.1-150600.5.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wayland-protocols-devel-1.36-150600.4.3.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch"
},
"product_reference": "wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-24.1.1-150600.5.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64"
},
"product_reference": "xwayland-24.1.1-150600.5.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64"
},
"product_reference": "dri3proto-devel-1.2-150100.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "presentproto-devel-1.3-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64"
},
"product_reference": "presentproto-devel-1.3-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wayland-protocols-devel-1.36-150600.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch"
},
"product_reference": "wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-24.1.1-150600.5.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64"
},
"product_reference": "xwayland-24.1.1-150600.5.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-24.1.1-150600.5.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le"
},
"product_reference": "xwayland-24.1.1-150600.5.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-24.1.1-150600.5.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x"
},
"product_reference": "xwayland-24.1.1-150600.5.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-24.1.1-150600.5.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64"
},
"product_reference": "xwayland-24.1.1-150600.5.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64"
},
"product_reference": "xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le"
},
"product_reference": "xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x"
},
"product_reference": "xwayland-devel-24.1.1-150600.5.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xwayland-devel-24.1.1-150600.5.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
},
"product_reference": "xwayland-devel-24.1.1-150600.5.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-31080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31080"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31080",
"url": "https://www.suse.com/security/cve/CVE-2024-31080"
},
{
"category": "external",
"summary": "SUSE Bug 1222309 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222309"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31080",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-06T12:33:59Z",
"details": "important"
}
],
"title": "CVE-2024-31080"
},
{
"cve": "CVE-2024-31081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31081"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31081",
"url": "https://www.suse.com/security/cve/CVE-2024-31081"
},
{
"category": "external",
"summary": "SUSE Bug 1222310 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222310"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31081",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-06T12:33:59Z",
"details": "important"
}
],
"title": "CVE-2024-31081"
},
{
"cve": "CVE-2024-31083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-31083"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-31083",
"url": "https://www.suse.com/security/cve/CVE-2024-31083"
},
{
"category": "external",
"summary": "SUSE Bug 1222312 for CVE-2024-31083",
"url": "https://bugzilla.suse.com/1222312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x",
"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x",
"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x",
"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-06T12:33:59Z",
"details": "important"
}
],
"title": "CVE-2024-31083"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…