{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for dri3proto, presentproto, wayland-protocols, xwayland","title":"Title of the patch"},{"category":"description","text":"This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the following issues:\n\nChanges in presentproto:\n\n* update to version 1.4 (patch generated from xorgproto-2024.1 sources)\n\nChanges in wayland-protocols:\n\n- Update to version 1.36:\n\n  * xdg-dialog: fix missing namespace in protocol name\n\n- Changes from version 1.35:\n\n  * cursor-shape-v1: Does not advertises the list of supported cursors\n  * xdg-shell: add missing enum attribute to set_constraint_adjustment\n  * xdg-shell: recommend against drawing decorations when tiled\n  * tablet-v2: mark as stable\n  * staging: add alpha-modifier protocol\n\n- Update to 1.36\n\n  * Fix to the xdg dialog protocol\n  * tablet-v2 protocol is now stable\n  * alpha-modifier: new protocol\n  * Bug fix to the cursor shape documentation\n  * The xdg-shell protocol now also explicitly recommends against\n    drawing decorations outside of the window geometry when tiled\n\n- Update to 1.34:\n\n  * xdg-dialog: new protocol\n  * xdg-toplevel-drag: new protocol\n  * Fix typo in ext-foreign-toplevel-list-v1\n  * tablet-v2: clarify that name/id events are optional\n  * linux-drm-syncobj-v1: new protocol\n  * linux-explicit-synchronization-v1: add linux-drm-syncobj note\n\n- Update to version 1.33:\n\n  * xdg-shell: Clarify what a toplevel by default includes\n  * linux-dmabuf: sync changes from unstable to stable\n  * linux-dmabuf: require all planes to use the same modifier\n  * presentation-time: stop referring to Linux/glibc\n  * security-context-v1: Make sandbox engine names use reverse-DNS\n  * xdg-decoration: remove ambiguous wording in configure event\n  * xdg-decoration: fix configure event summary\n  * linux-dmabuf: mark as stable\n  * linux-dmabuf: add note about implicit sync\n  * security-context-v1: Document what can be done with the open\n    sockets\n  * security-context-v1: Document out of band metadata for flatpak\n\nChanges in dri3proto:\n\n* update to version 1.4 (patch generated from xorgproto-2024.1 sources)\n\nChanges in xwayland:\n\n\n- Update to bugfix release 24.1.1 for the current stable 24.1\n  branch of Xwayland\n\n  * xwayland: fix segment fault in `xwl_glamor_gbm_init_main_dev`\n  * os: Explicitly include X11/Xmd.h for CARD32 definition to fix\n    building on i686\n  * present: On *BSD, epoll-shim is needed to emulate eventfd()\n  * xwayland: Stop on first unmapped child\n  * xwayland/window-buffers: Promote xwl_window_buffer\n  * xwayland/window-buffers: Add xwl_window_buffer_release()\n  * xwayland/glamor/gbm: Copy explicit sync code to GLAMOR/GBM\n  * xwayland/window-buffers: Use synchronization from GLAMOR/GBM\n  * xwayland/window-buffers: Do not always set syncpnts\n  * xwayland/window-buffers: Move code to submit pixmaps\n  * xwayland/window-buffers: Set syncpnts for all pixmaps\n  * xwayland: Move xwl_window disposal to its own function\n  * xwayland: Make sure we do not leak xwl_window on destroy\n  * wayland/window-buffers: Move buffer disposal to its own function\n  * xwayland/window-buffers: optionally force disposal\n  * wayland: Force disposal of windows buffers for root on destroy\n  * xwayland: Check for pointer in xwl_seat_leave_ptr()\n  * xwayland: remove includedir from pkgconfig\n\n- disable DPMS on sle15 due to missing proto package\n\n- Update to feature release 24.1.0\n  * This fixes a couple of regressions introduced in the previous release\n    candidate versions along with a fix for XTEST emulation with EI.\n    + xwayland: Send ei_device_frame on device_scroll_discrete\n    + xwayland: Restore the ResizeWindow handler\n    + xwayland: Handle rootful resize in ResizeWindow\n    + xwayland: Move XRandR emulation to the ResizeWindow hook\n    + xwayland: Use correct xwl_window lookup function in xwl_set_shape\n- eglstreams has been dropped\n\n- Update to bug fix relesae 23.2.7\n  * m4: drop autoconf leftovers\n  * xwayland: Send ei_device_frame on device_scroll_discrete\n  * xwayland: Call drmFreeDevice for dma-buf default feedback\n  * xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done\n  * dri3: Free formats in cache_formats_and_modifiers\n  * xwayland/glamor: Handle depth 15 in gbm_format_for_depth\n  * Revert 'xwayland/glamor: Avoid implicit redirection with depth 32 parent windows'\n  * xwayland: Check for outputs before lease devices\n  * xwayland: Do not remove output on withdraw if leased\n\n- Update to 23.2.6\n  * This is a quick bug fix release to address a regression\n    introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.\n\n- Security update 23.2.5 \n\n  This release contains the 3 security fixes that actually apply to\n  Xwayland reported in the security advisory of April 3rd 2024\n\n  * CVE-2024-31080\n  * CVE-2024-31081\n  * CVE-2024-31083\n\n  Additionally, it also contains a couple of other fixes, a copy/paste\n  error in the DeviceStateNotify event and a fix to enable buttons with\n  pointer gestures for backward compatibility with legacy X11 clients.\n\n- Don't provide xorg-x11-server-source\n  * xwayland sources are not meant for a generic server.\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP5-2024-2776,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2776,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2776,SUSE-SLE-Product-WE-15-SP6-2024-2776,openSUSE-SLE-15.5-2024-2776,openSUSE-SLE-15.6-2024-2776","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2776-1.json"},{"category":"self","summary":"URL for SUSE-SU-2024:2776-1","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20242776-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2024:2776-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2024-August/019222.html"},{"category":"self","summary":"SUSE Bug 1219892","url":"https://bugzilla.suse.com/1219892"},{"category":"self","summary":"SUSE Bug 1222309","url":"https://bugzilla.suse.com/1222309"},{"category":"self","summary":"SUSE Bug 1222310","url":"https://bugzilla.suse.com/1222310"},{"category":"self","summary":"SUSE Bug 1222312","url":"https://bugzilla.suse.com/1222312"},{"category":"self","summary":"SUSE Bug 1222442","url":"https://bugzilla.suse.com/1222442"},{"category":"self","summary":"SUSE CVE CVE-2024-31080 page","url":"https://www.suse.com/security/cve/CVE-2024-31080/"},{"category":"self","summary":"SUSE CVE CVE-2024-31081 page","url":"https://www.suse.com/security/cve/CVE-2024-31081/"},{"category":"self","summary":"SUSE CVE CVE-2024-31083 page","url":"https://www.suse.com/security/cve/CVE-2024-31083/"}],"title":"Security update for dri3proto, presentproto, wayland-protocols, xwayland","tracking":{"current_release_date":"2024-08-06T12:33:59Z","generator":{"date":"2024-08-06T12:33:59Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2024:2776-1","initial_release_date":"2024-08-06T12:33:59Z","revision_history":[{"date":"2024-08-06T12:33:59Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"dri3proto-devel-1.2-150100.6.3.1.aarch64","product":{"name":"dri3proto-devel-1.2-150100.6.3.1.aarch64","product_id":"dri3proto-devel-1.2-150100.6.3.1.aarch64"}},{"category":"product_version","name":"presentproto-devel-1.3-150600.3.3.1.aarch64","product":{"name":"presentproto-devel-1.3-150600.3.3.1.aarch64","product_id":"presentproto-devel-1.3-150600.3.3.1.aarch64"}},{"category":"product_version","name":"xwayland-24.1.1-150600.5.3.1.aarch64","product":{"name":"xwayland-24.1.1-150600.5.3.1.aarch64","product_id":"xwayland-24.1.1-150600.5.3.1.aarch64"}},{"category":"product_version","name":"xwayland-devel-24.1.1-150600.5.3.1.aarch64","product":{"name":"xwayland-devel-24.1.1-150600.5.3.1.aarch64","product_id":"xwayland-devel-24.1.1-150600.5.3.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"dri3proto-devel-1.2-150100.6.3.1.i586","product":{"name":"dri3proto-devel-1.2-150100.6.3.1.i586","product_id":"dri3proto-devel-1.2-150100.6.3.1.i586"}},{"category":"product_version","name":"presentproto-devel-1.3-150600.3.3.1.i586","product":{"name":"presentproto-devel-1.3-150600.3.3.1.i586","product_id":"presentproto-devel-1.3-150600.3.3.1.i586"}},{"category":"product_version","name":"xwayland-24.1.1-150600.5.3.1.i586","product":{"name":"xwayland-24.1.1-150600.5.3.1.i586","product_id":"xwayland-24.1.1-150600.5.3.1.i586"}},{"category":"product_version","name":"xwayland-devel-24.1.1-150600.5.3.1.i586","product":{"name":"xwayland-devel-24.1.1-150600.5.3.1.i586","product_id":"xwayland-devel-24.1.1-150600.5.3.1.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"wayland-protocols-devel-1.36-150600.4.3.1.noarch","product":{"name":"wayland-protocols-devel-1.36-150600.4.3.1.noarch","product_id":"wayland-protocols-devel-1.36-150600.4.3.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","product":{"name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","product_id":"dri3proto-devel-1.2-150100.6.3.1.ppc64le"}},{"category":"product_version","name":"presentproto-devel-1.3-150600.3.3.1.ppc64le","product":{"name":"presentproto-devel-1.3-150600.3.3.1.ppc64le","product_id":"presentproto-devel-1.3-150600.3.3.1.ppc64le"}},{"category":"product_version","name":"xwayland-24.1.1-150600.5.3.1.ppc64le","product":{"name":"xwayland-24.1.1-150600.5.3.1.ppc64le","product_id":"xwayland-24.1.1-150600.5.3.1.ppc64le"}},{"category":"product_version","name":"xwayland-devel-24.1.1-150600.5.3.1.ppc64le","product":{"name":"xwayland-devel-24.1.1-150600.5.3.1.ppc64le","product_id":"xwayland-devel-24.1.1-150600.5.3.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"dri3proto-devel-1.2-150100.6.3.1.s390x","product":{"name":"dri3proto-devel-1.2-150100.6.3.1.s390x","product_id":"dri3proto-devel-1.2-150100.6.3.1.s390x"}},{"category":"product_version","name":"presentproto-devel-1.3-150600.3.3.1.s390x","product":{"name":"presentproto-devel-1.3-150600.3.3.1.s390x","product_id":"presentproto-devel-1.3-150600.3.3.1.s390x"}},{"category":"product_version","name":"xwayland-24.1.1-150600.5.3.1.s390x","product":{"name":"xwayland-24.1.1-150600.5.3.1.s390x","product_id":"xwayland-24.1.1-150600.5.3.1.s390x"}},{"category":"product_version","name":"xwayland-devel-24.1.1-150600.5.3.1.s390x","product":{"name":"xwayland-devel-24.1.1-150600.5.3.1.s390x","product_id":"xwayland-devel-24.1.1-150600.5.3.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"dri3proto-devel-1.2-150100.6.3.1.x86_64","product":{"name":"dri3proto-devel-1.2-150100.6.3.1.x86_64","product_id":"dri3proto-devel-1.2-150100.6.3.1.x86_64"}},{"category":"product_version","name":"presentproto-devel-1.3-150600.3.3.1.x86_64","product":{"name":"presentproto-devel-1.3-150600.3.3.1.x86_64","product_id":"presentproto-devel-1.3-150600.3.3.1.x86_64"}},{"category":"product_version","name":"xwayland-24.1.1-150600.5.3.1.x86_64","product":{"name":"xwayland-24.1.1-150600.5.3.1.x86_64","product_id":"xwayland-24.1.1-150600.5.3.1.x86_64"}},{"category":"product_version","name":"xwayland-devel-24.1.1-150600.5.3.1.x86_64","product":{"name":"xwayland-devel-24.1.1-150600.5.3.1.x86_64","product_id":"xwayland-devel-24.1.1-150600.5.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Module for Development Tools 15 SP5","product":{"name":"SUSE Linux Enterprise Module for Development Tools 15 SP5","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-development-tools:15:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Development Tools 15 SP6","product":{"name":"SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-development-tools:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Package Hub 15 SP6","product":{"name":"SUSE Linux Enterprise Module for Package Hub 15 SP6","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:packagehub:15:sp6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Workstation Extension 15 SP6","product":{"name":"SUSE Linux Enterprise Workstation Extension 15 SP6","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP6","product_identification_helper":{"cpe":"cpe:/o:suse:sle-we:15:sp6"}}},{"category":"product_name","name":"openSUSE Leap 15.5","product":{"name":"openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.5"}}},{"category":"product_name","name":"openSUSE Leap 15.6","product":{"name":"openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.6"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6","product_id":"SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Module for Development Tools 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"wayland-protocols-devel-1.36-150600.4.3.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6","product_id":"SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch"},"product_reference":"wayland-protocols-devel-1.36-150600.4.3.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Module for Package Hub 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-24.1.1-150600.5.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6","product_id":"SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64"},"product_reference":"xwayland-24.1.1-150600.5.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Workstation Extension 15 SP6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.aarch64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.s390x as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.s390x","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of openSUSE Leap 15.5","product_id":"openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.5"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.aarch64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.aarch64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.ppc64le as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.ppc64le","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.s390x as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.s390x","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"dri3proto-devel-1.2-150100.6.3.1.x86_64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64"},"product_reference":"dri3proto-devel-1.2-150100.6.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.aarch64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.ppc64le","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.s390x as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.s390x","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"presentproto-devel-1.3-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64"},"product_reference":"presentproto-devel-1.3-150600.3.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"wayland-protocols-devel-1.36-150600.4.3.1.noarch as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch"},"product_reference":"wayland-protocols-devel-1.36-150600.4.3.1.noarch","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-24.1.1-150600.5.3.1.aarch64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64"},"product_reference":"xwayland-24.1.1-150600.5.3.1.aarch64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-24.1.1-150600.5.3.1.ppc64le as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le"},"product_reference":"xwayland-24.1.1-150600.5.3.1.ppc64le","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-24.1.1-150600.5.3.1.s390x as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x"},"product_reference":"xwayland-24.1.1-150600.5.3.1.s390x","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-24.1.1-150600.5.3.1.x86_64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64"},"product_reference":"xwayland-24.1.1-150600.5.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-devel-24.1.1-150600.5.3.1.aarch64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64"},"product_reference":"xwayland-devel-24.1.1-150600.5.3.1.aarch64","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-devel-24.1.1-150600.5.3.1.ppc64le as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le"},"product_reference":"xwayland-devel-24.1.1-150600.5.3.1.ppc64le","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-devel-24.1.1-150600.5.3.1.s390x as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x"},"product_reference":"xwayland-devel-24.1.1-150600.5.3.1.s390x","relates_to_product_reference":"openSUSE Leap 15.6"},{"category":"default_component_of","full_product_name":{"name":"xwayland-devel-24.1.1-150600.5.3.1.x86_64 as component of openSUSE Leap 15.6","product_id":"openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"},"product_reference":"xwayland-devel-24.1.1-150600.5.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.6"}]},"vulnerabilities":[{"cve":"CVE-2024-31080","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2024-31080"}],"notes":[{"category":"general","text":"A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2024-31080","url":"https://www.suse.com/security/cve/CVE-2024-31080"},{"category":"external","summary":"SUSE Bug 1222309 for CVE-2024-31080","url":"https://bugzilla.suse.com/1222309"},{"category":"external","summary":"SUSE Bug 1222312 for CVE-2024-31080","url":"https://bugzilla.suse.com/1222312"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.6,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-08-06T12:33:59Z","details":"important"}],"title":"CVE-2024-31080"},{"cve":"CVE-2024-31081","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2024-31081"}],"notes":[{"category":"general","text":"A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2024-31081","url":"https://www.suse.com/security/cve/CVE-2024-31081"},{"category":"external","summary":"SUSE Bug 1222310 for CVE-2024-31081","url":"https://bugzilla.suse.com/1222310"},{"category":"external","summary":"SUSE Bug 1222312 for CVE-2024-31081","url":"https://bugzilla.suse.com/1222312"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.6,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-08-06T12:33:59Z","details":"important"}],"title":"CVE-2024-31081"},{"cve":"CVE-2024-31083","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2024-31083"}],"notes":[{"category":"general","text":"A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2024-31083","url":"https://www.suse.com/security/cve/CVE-2024-31083"},{"category":"external","summary":"SUSE Bug 1222312 for CVE-2024-31083","url":"https://bugzilla.suse.com/1222312"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP5:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:dri3proto-devel-1.2-150100.6.3.1.x86_64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.aarch64","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.ppc64le","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.s390x","SUSE Linux Enterprise Module for Development Tools 15 SP6:presentproto-devel-1.3-150600.3.3.1.x86_64","SUSE Linux Enterprise Module for Package Hub 15 SP6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","SUSE Linux Enterprise Workstation Extension 15 SP6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.5:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.aarch64","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.ppc64le","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.s390x","openSUSE Leap 15.6:dri3proto-devel-1.2-150100.6.3.1.x86_64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.aarch64","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.ppc64le","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.s390x","openSUSE Leap 15.6:presentproto-devel-1.3-150600.3.3.1.x86_64","openSUSE Leap 15.6:wayland-protocols-devel-1.36-150600.4.3.1.noarch","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-24.1.1-150600.5.3.1.x86_64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.aarch64","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.ppc64le","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.s390x","openSUSE Leap 15.6:xwayland-devel-24.1.1-150600.5.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-08-06T12:33:59Z","details":"important"}],"title":"CVE-2024-31083"}]}