xorg-x11-server-21.1.14-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:14466-1 Final 1 1 2024-11-06T00:00:00Z current 2024-11-06T00:00:00Z 2024-11-06T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z xorg-x11-server-21.1.14-1.1 on GA media These are all security issues fixed in the xorg-x11-server-21.1.14-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-14466 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TM2IXKHQAG2LGZAB7MW6VRZJ235MJKFH/ E-Mail link for openSUSE-SU-2024:14466-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-9632/ SUSE CVE CVE-2024-9632 page openSUSE Tumbleweed xorg-x11-server-21.1.14-1.1 xorg-x11-server-Xvfb-21.1.14-1.1 xorg-x11-server-extra-21.1.14-1.1 xorg-x11-server-sdk-21.1.14-1.1 xorg-x11-server-source-21.1.14-1.1 xorg-x11-server-wrapper-21.1.14-1.1 xorg-x11-server-21.1.14-1.1 as a component of openSUSE Tumbleweed xorg-x11-server-Xvfb-21.1.14-1.1 as a component of openSUSE Tumbleweed xorg-x11-server-extra-21.1.14-1.1 as a component of openSUSE Tumbleweed xorg-x11-server-sdk-21.1.14-1.1 as a component of openSUSE Tumbleweed xorg-x11-server-source-21.1.14-1.1 as a component of openSUSE Tumbleweed xorg-x11-server-wrapper-21.1.14-1.1 as a component of openSUSE Tumbleweed A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. CVE-2024-9632 openSUSE Tumbleweed:xorg-x11-server-21.1.14-1.1 openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.14-1.1 openSUSE Tumbleweed:xorg-x11-server-extra-21.1.14-1.1 openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.14-1.1 openSUSE Tumbleweed:xorg-x11-server-source-21.1.14-1.1 openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.14-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TM2IXKHQAG2LGZAB7MW6VRZJ235MJKFH/ https://www.suse.com/security/cve/CVE-2024-9632.html CVE-2024-9632 https://bugzilla.suse.com/1231565 SUSE Bug 1231565