The release of a new corrective version, X.Org Server 21.1.11, was recently announced, and xwayland 23.2.4 was released along with it; xwayland launches X.Org Server to run X11 applications in Wayland-based environments.
The main reason given for the release of X.Org 21.1.11 is to apply the patches needed to fix 6 vulnerabilities. Some of them can be used to escalate privileges on systems where the X server runs as root, and for remote code execution in setups that use X11 session forwarding over SSH for access.
Vulnerability details
CVE-2023-6816: Buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
This security issue, identified as CVE-2023-6816, has been present since the release of xorg-server-1.13 (0). The buffer overflow occurs when an invalid array index is passed to DeviceFocusEvent or ProcXIQueryPointer. The flaw can lead to an overflow because not enough space is allocated for the device buttons.
CVE-2024-0229: Out-of-bounds memory access when reattaching to a different master device
The vulnerability CVE-2024-0229 has been present since the release of xorg-server-1.1.1 (2006). It is caused by an out-of-bounds buffer write when reattaching to a different master device, in a configuration where the device has both button and key class input elements and the number of buttons (the numButtons parameter) is set to 0.
CVE-2024-21885: Buffer overflow in XISendDeviceHierarchyEvent
The vulnerability CVE-2024-21885 has been present since the release of xorg-server-1.10.0 (2010). It can cause a buffer overflow because XISendDeviceHierarchyEvent allocates too little space when a device with a given ID is removed and a device with the same ID is added in the same request.
The vulnerability is said to arise because, during this double operation on one identifier, two instances of the xXIHierarchyInfo structure are written at the same time, while the XISendDeviceHierarchyEvent function allocates memory for only one instance.
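The sizing mismatch described for CVE-2024-21885, shown as an added example that is not part of the original article and is not X.Org source code. It is a simplified C model with hypothetical names (hinfo, records_by_id, records_by_change, write_records, build_event) that sizes a buffer per changed device ID versus per change, and uses a bounds-checked writer to show where the undersized buffer would be overrun.

```c
/* Simplified model of the sizing mismatch; NOT X.Org source code.
 * All names (hinfo, F_REMOVED, records_by_id, ...) are hypothetical. */
#include <stddef.h>
#include <stdlib.h>

#define MAXDEV 8
#define F_REMOVED 0x1u
#define F_ADDED   0x2u
struct hinfo { int id; unsigned flag; };  /* stand-in for one info record */

/* Flawed sizing: one record per device ID that changed. */
size_t records_by_id(const unsigned flags[MAXDEV]) {
    size_t n = 0;
    for (int i = 0; i < MAXDEV; i++)
        if (flags[i]) n++;
    return n;
}

/* Corrected sizing: one record per change, so remove+add of one ID is 2. */
size_t records_by_change(const unsigned flags[MAXDEV]) {
    size_t n = 0;
    for (int i = 0; i < MAXDEV; i++)
        n += !!(flags[i] & F_REMOVED) + !!(flags[i] & F_ADDED);
    return n;
}

/* Bounds-checked writer: returns records written, or -1 at the point
 * where an unchecked writer would run past the allocation. */
int write_records(const unsigned flags[MAXDEV], struct hinfo *out, size_t cap) {
    size_t n = 0;
    for (int i = 0; i < MAXDEV; i++)
        for (unsigned f = F_REMOVED; f <= F_ADDED; f <<= 1) {
            if (!(flags[i] & f)) continue;
            if (n >= cap) return -1;
            out[n].id = i; out[n].flag = f; n++;
        }
    return (int)n;
}

/* Constructed input: device ID 3 removed and re-added in one request. */
int build_event(int use_fixed_sizing) {
    unsigned flags[MAXDEV] = {0};
    flags[3] = F_REMOVED | F_ADDED;
    size_t cap = use_fixed_sizing ? records_by_change(flags) : records_by_id(flags);
    struct hinfo *buf = calloc(cap, sizeof *buf);
    if (!buf) return -2;
    int rc = write_records(flags, buf, cap);
    free(buf);
    return rc;
}
```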
CVE-2024-21886: Buffer overflow in DisableDevice
The vulnerability CVE-2024-21886 has been present since the release of xorg-server-1.13.0 (2012). It allows a buffer overflow in the DisableDevice function, which occurs when a master device is disabled while its slave devices are already disabled. The flaw is due to an incorrect calculation of the size of the structure that stores the list of devices.
CVE-2024-0409: SELinux context corruption
The vulnerability CVE-2024-0409, discovered in xorg-server-1.16.0, results in corruption of the SELinux context due to incorrect use of the "privates" mechanism for storing additional data.
The Xserver uses this mechanism in its objects, and each private has a "type" associated with it. Each "private" is allocated for the relevant memory size, which is declared at creation time. The cursor structure in the Xserver even has two keys, one for the cursor itself and another for the bits that shape the cursor. XSELINUX also uses private keys, but it is a bit of a special case because it uses the same keys for all the different objects.
What happens here is that the cursor code in both Xephyr and Xwayland uses the wrong type of "private" on creation: it uses the cursor bits type with the cursor private, and when the cursor is initialized, it overwrites the XSELINUX context.
CVE-2024-0408: SELinux GLX PBuffer unlabeled
The vulnerability CVE-2024-0408, present since xorg-server-1.10.0 (2010), allows X resources to remain unlabeled, which can lead to local privilege escalation. The XSELINUX code in the X server labels X resources based on a link.
What happens here is that the GLX PBuffer code does not call the XACE hook when it creates the buffer, so the buffer remains unlabeled. When the client issues another request to access that resource, or even when it creates another resource that needs to access that buffer, the XSELINUX code will try to use an object that was never labeled and will fail because the SID is NULL.
It is worth mentioning that this new corrective version is available in most of the repositories of the major Linux distributions, so updating to the new version as soon as possible is recommended.
Finally, if you are interested in learning more about it, you can check the details at the following link.