Oval Definition:oval:com.redhat.rhsa:def:20211804
Revision Date:2021-05-18Version:636
Title:RHSA-2021:1804: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update (Moderate)
Description:X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.

  • The following packages have been upgraded to a later upstream version: egl-wayland (1.1.5), libdrm (2.4.103), libglvnd (1.3.2), libinput (1.16.3), libwacom (1.6), mesa (20.3.3), xorg-x11-server (1.20.10). (BZ#1878160, BZ#1886648, BZ#1887654, BZ#1887655)

    Security Fix(es):

  • xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345)

  • xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346)

  • xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360)

  • xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361)

  • xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)

  • libX11: Integer overflow leads to double free in locale handling (CVE-2020-14363)

  • xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712)

  • libX11: Heap overflow in the X input method client (CVE-2020-14344)

  • xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2020-14344
    CVE-2020-14345
    CVE-2020-14346
    CVE-2020-14347
    CVE-2020-14360
    CVE-2020-14361
    CVE-2020-14362
    CVE-2020-14363
    CVE-2020-25712
    RHSA-2021:1804
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • xorg-x11-drivers is earlier than 0:7.7-30.el8
  • AND xorg-x11-drivers is signed with Red Hat redhatrelease2 key
  • libX11 is earlier than 0:1.6.8-4.el8
  • AND libX11 is signed with Red Hat redhatrelease2 key
  • libX11-common is earlier than 0:1.6.8-4.el8
  • AND libX11-common is signed with Red Hat redhatrelease2 key
  • libX11-devel is earlier than 0:1.6.8-4.el8
  • AND libX11-devel is signed with Red Hat redhatrelease2 key
  • libX11-xcb is earlier than 0:1.6.8-4.el8
  • AND libX11-xcb is signed with Red Hat redhatrelease2 key
  • libinput is earlier than 0:1.16.3-1.el8
  • AND libinput is signed with Red Hat redhatrelease2 key
  • libinput-devel is earlier than 0:1.16.3-1.el8
  • AND libinput-devel is signed with Red Hat redhatrelease2 key
  • libinput-utils is earlier than 0:1.16.3-1.el8
  • AND libinput-utils is signed with Red Hat redhatrelease2 key
  • egl-wayland is earlier than 0:1.1.5-3.el8
  • AND egl-wayland is signed with Red Hat redhatrelease2 key
  • libglvnd is earlier than 1:1.3.2-1.el8
  • AND libglvnd is signed with Red Hat redhatrelease2 key
  • libglvnd-core-devel is earlier than 1:1.3.2-1.el8
  • AND libglvnd-core-devel is signed with Red Hat redhatrelease2 key
  • libglvnd-devel is earlier than 1:1.3.2-1.el8
  • AND libglvnd-devel is signed with Red Hat redhatrelease2 key
  • libglvnd-egl is earlier than 1:1.3.2-1.el8
  • AND libglvnd-egl is signed with Red Hat redhatrelease2 key
  • libglvnd-gles is earlier than 1:1.3.2-1.el8
  • AND libglvnd-gles is signed with Red Hat redhatrelease2 key
  • libglvnd-glx is earlier than 1:1.3.2-1.el8
  • AND libglvnd-glx is signed with Red Hat redhatrelease2 key
  • libglvnd-opengl is earlier than 1:1.3.2-1.el8
  • AND libglvnd-opengl is signed with Red Hat redhatrelease2 key
  • libdrm is earlier than 0:2.4.103-1.el8
  • AND libdrm is signed with Red Hat redhatrelease2 key
  • libdrm-devel is earlier than 0:2.4.103-1.el8
  • AND libdrm-devel is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xdmx is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xdmx is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xephyr is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xephyr is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xnest is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xnest is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xorg is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xorg is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xvfb is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xvfb is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-Xwayland is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-Xwayland is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-common is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-common is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-devel is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-devel is signed with Red Hat redhatrelease2 key
  • xorg-x11-server-source is earlier than 0:1.20.10-1.el8
  • AND xorg-x11-server-source is signed with Red Hat redhatrelease2 key
  • libwacom is earlier than 0:1.6-2.el8
  • AND libwacom is signed with Red Hat redhatrelease2 key
  • libwacom-data is earlier than 0:1.6-2.el8
  • AND libwacom-data is signed with Red Hat redhatrelease2 key
  • libwacom-devel is earlier than 0:1.6-2.el8
  • AND libwacom-devel is signed with Red Hat redhatrelease2 key
  • mesa-dri-drivers is earlier than 0:20.3.3-2.el8
  • AND mesa-dri-drivers is signed with Red Hat redhatrelease2 key
  • mesa-filesystem is earlier than 0:20.3.3-2.el8
  • AND mesa-filesystem is signed with Red Hat redhatrelease2 key
  • mesa-libEGL is earlier than 0:20.3.3-2.el8
  • AND mesa-libEGL is signed with Red Hat redhatrelease2 key
  • mesa-libEGL-devel is earlier than 0:20.3.3-2.el8
  • AND mesa-libEGL-devel is signed with Red Hat redhatrelease2 key
  • mesa-libGL is earlier than 0:20.3.3-2.el8
  • AND mesa-libGL is signed with Red Hat redhatrelease2 key
  • mesa-libGL-devel is earlier than 0:20.3.3-2.el8
  • AND mesa-libGL-devel is signed with Red Hat redhatrelease2 key
  • mesa-libOSMesa is earlier than 0:20.3.3-2.el8
  • AND mesa-libOSMesa is signed with Red Hat redhatrelease2 key
  • mesa-libOSMesa-devel is earlier than 0:20.3.3-2.el8
  • AND mesa-libOSMesa-devel is signed with Red Hat redhatrelease2 key
  • mesa-libgbm is earlier than 0:20.3.3-2.el8
  • AND mesa-libgbm is signed with Red Hat redhatrelease2 key
  • mesa-libgbm-devel is earlier than 0:20.3.3-2.el8
  • AND mesa-libgbm-devel is signed with Red Hat redhatrelease2 key
  • mesa-libglapi is earlier than 0:20.3.3-2.el8
  • AND mesa-libglapi is signed with Red Hat redhatrelease2 key
  • mesa-libxatracker is earlier than 0:20.3.3-2.el8
  • AND mesa-libxatracker is signed with Red Hat redhatrelease2 key
  • mesa-vdpau-drivers is earlier than 0:20.3.3-2.el8
  • AND mesa-vdpau-drivers is signed with Red Hat redhatrelease2 key
  • mesa-vulkan-devel is earlier than 0:20.3.3-2.el8
  • AND mesa-vulkan-devel is signed with Red Hat redhatrelease2 key
  • mesa-vulkan-drivers is earlier than 0:20.3.3-2.el8
  • AND mesa-vulkan-drivers is signed with Red Hat redhatrelease2 key
    • BACK