CLSA-2025:1764027165

[CLSA-2025:1764027165] xorg-x11-server-Xwayland: Fix of 3 CVEs

Type:

security

Severity:

Important

Release date:

2025-11-24 23:32:50 UTC

Description:

- CVE-2024-21886: fix heap overflow caused by incorrect DisableDevice() recursion
- CVE-2024-31083: fix use-after-free caused by incorrect glyph reuse handling
- CVE-2023-5367: fix out-of-bounds write in property append/prepend handling

Updated packages:

xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els11.i686.rpm
sha:e5e8ebdb8404a595248a0a061b443576449e3b6190e96adb5546b339f59dcf8e
xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els11.x86_64.rpm
sha:d1dab8f04680e279fd65d7d8e00ad6e81d2af34894b1258ad84c4bfbb949c182
xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els11.i686.rpm
sha:39ef8df18ae50464df6eaf5c7e1b79115e8b0a4aa5e76569ed9760f5ffd22d7d
xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els11.x86_64.rpm
sha:b28e2823aec3fff6cc87063467a27f8ef938899b5145eea72f0fe9ad705f692d

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.