https://seclists.org/oss-sec/2021/q2/20 Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. These issues can lead to privilege escalation for authorized clients on systems where the X server is running privileged. * CVE-2021-3472 / ZDI CAN 12549 XChangeFeedbackControl Integer Underflow
Whiteboard: (none) => MGA7TOO
xorg-server-1.20.11: https://lists.freedesktop.org/archives/xorg/2021-April/060678.html xwayland-21.1.1: https://lists.freedesktop.org/archives/xorg/2021-April/060679.html
This obviously is for Cauldron too
Whiteboard: MGA7TOO => MGA7TOO, MGA8TOOVersion: 8 => Cauldron
Cauldron fixed.
Whiteboard: MGA7TOO, MGA8TOO => MGA7TOOVersion: Cauldron => 8Assignee: thierry.vignaud => qa-bugs
Mga8 rpms: SRPM: x11-server-1.20.11-1.mga8.src.rpm i586: x11-server-1.20.11-1.mga8.i586.rpm x11-server-common-1.20.11-1.mga8.i586.rpm x11-server-devel-1.20.11-1.mga8.i586.rpm x11-server-source-1.20.11-1.mga8.noarch.rpm x11-server-xdmx-1.20.11-1.mga8.i586.rpm x11-server-xephyr-1.20.11-1.mga8.i586.rpm x11-server-xnest-1.20.11-1.mga8.i586.rpm x11-server-xorg-1.20.11-1.mga8.i586.rpm x11-server-xvfb-1.20.11-1.mga8.i586.rpm x11-server-xwayland-1.20.11-1.mga8.i586.rpm x86_64: x11-server-1.20.11-1.mga8.x86_64.rpm x11-server-common-1.20.11-1.mga8.x86_64.rpm x11-server-devel-1.20.11-1.mga8.x86_64.rpm x11-server-source-1.20.11-1.mga8.noarch.rpm x11-server-xdmx-1.20.11-1.mga8.x86_64.rpm x11-server-xephyr-1.20.11-1.mga8.x86_64.rpm x11-server-xnest-1.20.11-1.mga8.x86_64.rpm x11-server-xorg-1.20.11-1.mga8.x86_64.rpm x11-server-xvfb-1.20.11-1.mga8.x86_64.rpm x11-server-xwayland-1.20.11-1.mga8.x86_64.rpm
Mga7 rpms: SRPM: x11-server-1.20.11-1.mga7.src.rpm i586: x11-server-1.20.11-1.mga7.i586.rpm x11-server-common-1.20.11-1.mga7.i586.rpm x11-server-devel-1.20.11-1.mga7.i586.rpm x11-server-source-1.20.11-1.mga7.noarch.rpm x11-server-xdmx-1.20.11-1.mga7.i586.rpm x11-server-xephyr-1.20.11-1.mga7.i586.rpm x11-server-xnest-1.20.11-1.mga7.i586.rpm x11-server-xorg-1.20.11-1.mga7.i586.rpm x11-server-xvfb-1.20.11-1.mga7.i586.rpm x11-server-xwayland-1.20.11-1.mga7.i586.rpm x86_64: x11-server-1.20.11-1.mga7.x86_64.rpm x11-server-common-1.20.11-1.mga7.x86_64.rpm x11-server-devel-1.20.11-1.mga7.x86_64.rpm x11-server-source-1.20.11-1.mga7.noarch.rpm x11-server-xdmx-1.20.11-1.mga7.x86_64.rpm x11-server-xephyr-1.20.11-1.mga7.x86_64.rpm x11-server-xnest-1.20.11-1.mga7.x86_64.rpm x11-server-xorg-1.20.11-1.mga7.x86_64.rpm x11-server-xvfb-1.20.11-1.mga7.x86_64.rpm x11-server-xwayland-1.20.11-1.mga7.x86_64.rpm
mga8 64 bit with Plasma, not wayland. nvidia-current; GeForce 635 series and later Kernel 5.10.27-desktop-1.mga8 No issues noted. Hardware: My workstation "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, GPU: Nvidia GM107 [GeForce GTX 750], 4k display on DisplayPort.
CC: (none) => fri
MGA 7 VM with Nvidia 520M driver 390 and Kernel 5.10.27 updated with QA repo and: x11-server-common-1.20.11-1.mga7.x86_64 x11-server-xorg-1.20.11-1.mga7.x86_64 x11-server-xwayland -1.20.11-1.mga7.x86_64 No issues at installation and after reboot. OK MGA 8 VM LXqtwith Nvidia 520M driver 390 and Kernel 5.10.27 updated with QA repo and: x11-server-common-1.20.11-1.mga8.x86_64 x11-server-xorg-1.20.11-1.mga8.x86_64 x11-server-xwayland -1.20.11-1.mga8.x86_64 No issues at installation and after reboot. MGA 8 Xfce with Nvidia 520M driver 390 Optimus Technology and Kernel 5.10.27 updated with QA repo and: x11-server-common-1.20.11-1.mga8.x86_64 x11-server-xorg-1.20.11-1.mga8.x86_64 x11-server-xwayland -1.20.11-1.mga8.x86_64 No issues at installation and after reboot. Switching with Mageia Prime OK
CC: (none) => guillaume.royer
MGA 8 Plasma, Nvidia GeForce GTX 1660 Ti, nvidia-current 460-67-1 version. X11 session is OK. 3D is OK. No issues. Note x11-server-xephyr-1.20.11-1.mga8.x86_64.rpm is also OK. XWayland under Plasma wayland session too. Firefox is able to launch, same for drakconf. MGA 7 and 8 Plasma, Nvidia GeForce GTX 670, nvidia-current 460-67-1 version. Same OK on both systems. MGA 8 Plasma and Gnome on Intel 630 integrated GPU. This is OK. 3D is OK XWayland is OK too.
CC: (none) => ouaurelienWhiteboard: MGA7TOO => MGA7TOO MGA7-64-OK MGA8-64-OKCVE: (none) => CVE-2021-3472
Advisory: ======================== The updated x11-server packages fix security vulnerability: References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472 https://lists.freedesktop.org/archives/xorg/2021-April/060678.html https://lists.freedesktop.org/archives/xorg/2021-April/060679.html ======================== Updated packages in 8/core/updates_testing: ======================== i586: x11-server-1.20.11-1.mga8.i586.rpm x11-server-common-1.20.11-1.mga8.i586.rpm x11-server-devel-1.20.11-1.mga8.i586.rpm x11-server-source-1.20.11-1.mga8.noarch.rpm x11-server-xdmx-1.20.11-1.mga8.i586.rpm x11-server-xephyr-1.20.11-1.mga8.i586.rpm x11-server-xnest-1.20.11-1.mga8.i586.rpm x11-server-xorg-1.20.11-1.mga8.i586.rpm x11-server-xvfb-1.20.11-1.mga8.i586.rpm x11-server-xwayland-1.20.11-1.mga8.i586.rpm x86_64: x11-server-1.20.11-1.mga8.x86_64.rpm x11-server-common-1.20.11-1.mga8.x86_64.rpm x11-server-devel-1.20.11-1.mga8.x86_64.rpm x11-server-source-1.20.11-1.mga8.noarch.rpm x11-server-xdmx-1.20.11-1.mga8.x86_64.rpm x11-server-xephyr-1.20.11-1.mga8.x86_64.rpm x11-server-xnest-1.20.11-1.mga8.x86_64.rpm x11-server-xorg-1.20.11-1.mga8.x86_64.rpm x11-server-xvfb-1.20.11-1.mga8.x86_64.rpm x11-server-xwayland-1.20.11-1.mga8.x86_64.rpm from SRPM: x11-server-1.20.11-1.mga8.src.rpm Updated packages in 7/core/updates_testing: ======================== i586: x11-server-1.20.11-1.mga7.i586.rpm x11-server-common-1.20.11-1.mga7.i586.rpm x11-server-devel-1.20.11-1.mga7.i586.rpm x11-server-source-1.20.11-1.mga7.noarch.rpm x11-server-xdmx-1.20.11-1.mga7.i586.rpm x11-server-xephyr-1.20.11-1.mga7.i586.rpm x11-server-xnest-1.20.11-1.mga7.i586.rpm x11-server-xorg-1.20.11-1.mga7.i586.rpm x11-server-xvfb-1.20.11-1.mga7.i586.rpm x11-server-xwayland-1.20.11-1.mga7.i586.rpm x86_64: x11-server-1.20.11-1.mga7.x86_64.rpm x11-server-common-1.20.11-1.mga7.x86_64.rpm x11-server-devel-1.20.11-1.mga7.x86_64.rpm x11-server-source-1.20.11-1.mga7.noarch.rpm x11-server-xdmx-1.20.11-1.mga7.x86_64.rpm x11-server-xephyr-1.20.11-1.mga7.x86_64.rpm x11-server-xnest-1.20.11-1.mga7.x86_64.rpm x11-server-xorg-1.20.11-1.mga7.x86_64.rpm x11-server-xvfb-1.20.11-1.mga7.x86_64.rpm x11-server-xwayland-1.20.11-1.mga7.x86_64.rpm from SRPM: x11-server-1.20.11-1.mga7.src.rpm Advisory committed.
Keywords: (none) => advisory
Oups, missing text. Advisory: ======================== The updated x11-server packages fix security vulnerability: Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. (CVE-2021-3472). These issues can lead to privilege escalation for authorized clients on systems where the X server is running privileged. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3472 https://lists.freedesktop.org/archives/xorg/2021-April/060678.html https://lists.freedesktop.org/archives/xorg/2021-April/060679.html ======================== Updated packages in 8/core/updates_testing: unchanged.
Dell Inspiron 5100, P4, Mobility Radeon 7500 (RV200) graphics, 32-bit Xfce systems, MGA7 and MGA8. Updated both systems in turn using qarepo. No installation issues. Did a reboot because it seemed like the thing to do, no issues noted on either install. Giving a 32-bit OK for both. Validating.
Whiteboard: MGA7TOO MGA7-64-OK MGA8-64-OK => MGA7TOO MGA7-64-OK MGA8-64-OK MGA7-32-OK MGA8-32-OKKeywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0190.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
Debian has issued an advisory for this on April 19: https://www.debian.org/security/2021/dsa-4893