summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
diff options
context:
space:
mode:
Diffstat (limited to 'poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch')
-rw-r--r--poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch36
1 files changed, 0 insertions, 36 deletions
diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
deleted file mode 100644
index 4994a21d33..0000000000
--- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14346.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From c940cc8b6c0a2983c1ec974f1b3f019795dd4cff Mon Sep 17 00:00:00 2001
-From: Matthieu Herrb <matthieu@herrb.eu>
-Date: Tue, 18 Aug 2020 14:49:04 +0200
-Subject: [PATCH] Fix XIChangeHierarchy() integer underflow
-
-CVE-2020-14346 / ZDI-CAN-11429
-
-This vulnerability was discovered by:
-Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
-
-Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
-
-Upstream-Status: Backport
-[https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff]
-CVE: CVE-2020-14346
-Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
----
- Xi/xichangehierarchy.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Xi/xichangehierarchy.c b/Xi/xichangehierarchy.c
-index cbdd91258..504defe56 100644
---- a/Xi/xichangehierarchy.c
-+++ b/Xi/xichangehierarchy.c
-@@ -423,7 +423,7 @@ ProcXIChangeHierarchy(ClientPtr client)
- if (!stuff->num_changes)
- return rc;
-
-- len = ((size_t)stuff->length << 2) - sizeof(xXIChangeHierarchyReq);
-+ len = ((size_t)client->req_len << 2) - sizeof(xXIChangeHierarchyReq);
-
- any = (xXIAnyHierarchyChangeInfo *) &stuff[1];
- while (stuff->num_changes--) {
---
-2.17.1
-
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-12 03:51:29 +0300