From: Vivek Kumbhar <[email protected]> Signed-off-by: Vivek Kumbhar <[email protected]> --- .../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++++++++++++++++++ .../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
diff --git a/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch b/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch new file mode 100644 index 0000000000..855ce80e77 --- /dev/null +++ b/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch @@ -0,0 +1,38 @@ +From 8a368d808fec166b5fb3dfe6312aab22c7ee20af Mon Sep 17 00:00:00 2001 +From: Hodong <[email protected]> +Date: Thu, 20 Jan 2022 00:57:41 +0900 +Subject: [PATCH] Fix two memory leaks in _XFreeX11XCBStructure() + +Even when XCloseDisplay() was called, some memory was leaked. + +XCloseDisplay() calls _XFreeDisplayStructure(), which calls +_XFreeX11XCBStructure(). + +However, _XFreeX11XCBStructure() did not destroy the condition variables, +resulting in the leaking of some 40 bytes. + +Signed-off-by: Hodong <[email protected]> + +Upstream-Status: Backport from [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af] +CVE:CVE-2022-3555 +Signed-off-by: Vivek Kumbhar <[email protected]> +--- + src/xcb_disp.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/xcb_disp.c b/src/xcb_disp.c +index 70a602f4..e9becee3 100644 +--- a/src/xcb_disp.c ++++ b/src/xcb_disp.c +@@ -102,6 +102,8 @@ void _XFreeX11XCBStructure(Display *dpy) + dpy->xcb->pending_requests = tmp->next; + free(tmp); + } ++ xcondition_clear(dpy->xcb->event_notify); ++ xcondition_clear(dpy->xcb->reply_notify); + xcondition_free(dpy->xcb->event_notify); + xcondition_free(dpy->xcb->reply_notify); + Xfree(dpy->xcb); +-- +2.18.2 + diff --git a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb index 72ab1d4150..ad3fab1204 100644 --- a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb +++ b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb @@ -17,6 +17,7 @@ SRC_URI += "file://Fix-hanging-issue-in-_XReply.patch \ file://CVE-2020-14363.patch \ file://CVE-2021-31535.patch \ file://CVE-2022-3554.patch \ + file://CVE-2022-3555.patch \ " SRC_URI[md5sum] = "55adbfb6d4370ecac5e70598c4e7eed2" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174975): https://lists.openembedded.org/g/openembedded-core/message/174975 Mute This Topic: https://lists.openembedded.org/mt/95841212/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
