nx-libs icon indicating copy to clipboard operation
nx-libs copied to clipboard
verified publisher icon ArcticaProject

CVE-2024-9632, CVE-2024-30180, CVE-2024-31081, CVE-2024-31083

Open jcastle-gh opened this issue 1 year ago • 2 comments

X.Org Security Advisory: Issues in X.Org X server prior to 21.1.14 and Xwayland prior to 24.1.4 CVE-2024-9632: Heap-based buffer overflow privilege escalation in _XkbSetCompatMap The announcement linked above has a link to the commit that fixed it. I see the affected code for it in nx-libs but it's not identical.

X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (Introduced in xorg-server-1.7.0 2009) CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (Introduced in xorg-server-1.7.0 2009) CVE-2024-31083: User-after-free in ProcRenderAddGlyphs (Introduced in X11R6-7 2004) The announcement linked above has links to the commits that fixed them. I don't see the affected code for the first two in nx-libs, so maybe it's immune or maybe the code is just in different places. I see the affected code for the last one but it's not identical. Also, apparently that one was tricky - upstream took two tries. The announcement also lists CVE-2024-31082 introduced in xorg-server-1.12.0 so I don't think that would be here.

jcastle-gh avatar Dec 06 '24 00:12 jcastle-gh

Thx, will check that. Will take some time, though.

Uli

GimmeHardware @.***> schrieb am Fr., 6. Dez. 2024, 01:35:

X.Org Security Advisory: Issues in X.Org X server prior to 21.1.14 and Xwayland prior to 24.1.4 https://lists.x.org/archives/xorg-announce/2024-October/003545.html CVE-2024-9632 https://github.com/advisories/GHSA-cjcf-6ch6-g3rx: Heap-based buffer overflow privilege escalation in _XkbSetCompatMap The announcement linked above has a link to the commit that fixed it. I see the affected code for it in nx-libs but it's not identical.

X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 https://lists.freedesktop.org/archives/xorg-announce/2024-April/003505.html CVE-2024-31080 https://github.com/advisories/GHSA-mqqf-4p7r-rf89: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (Introduced in xorg-server-1.7.0 2009) CVE-2024-31081 https://github.com/advisories/GHSA-3fpg-j8cw-vcjq: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (Introduced in xorg-server-1.7.0 2009) CVE-2024-31083 https://github.com/advisories/GHSA-q6w6-rjjj-5p52: User-after-free in ProcRenderAddGlyphs (Introduced in X11R6-7 2004) The announcement linked above has links to the commits that fixed them. I don't see the affected code for the first two in nx-libs, so maybe it's immune or maybe the code is just in different places. I see the affected code for the last one but it's not identical. Also, apparently that one was tricky - upstream took two tries. The announcement also lists CVE-2024-31082 https://github.com/advisories/GHSA-cm2m-f7gc-hv64 introduced in xorg-server-1.12.0 so I don't think that would be here.

— Reply to this email directly, view it on GitHub https://github.com/ArcticaProject/nx-libs/issues/1085, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABQHBZGI5CUILZFWV6DJCVT2EDWO3AVCNFSM6AAAAABTDUAZQOVHI2DSMVQWIX3LMV43ASLTON2WKOZSG4ZDCNZWGQZDMOA . You are receiving this because you are subscribed to this thread.Message ID: @.***>

uli42 avatar Dec 06 '24 06:12 uli42

I managed to fix the first one, but the others are too complicated as our code is years behind. As I am working on bringing nx on a current xorg code base this will be resolved "automatically" eventually.

uli42 avatar May 02 '25 17:05 uli42