Bug 2136412 (CVE-2022-3555) - CVE-2022-3555 libX11: memory leak in _XFreeX11XCBStructure() of xcb_disp.c
Summary: CVE-2022-3555 libX11: memory leak in _XFreeX11XCBStructure() of xcb_disp.c
Keywords:
Status: NEW
Alias: CVE-2022-3555
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2136422 2139792 2139793 2139794
Blocks: 2136424
TreeView+ depends on / blocked
 
Reported: 2022-10-20 08:48 UTC by TEJ RATHI
Modified: 2023-08-11 12:11 UTC (History)
19 users (show)

Fixed In Version: libX11 1.7.4
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the libX11 package in the_XFreeX11XCBStructure function of the xcb_disp.c file. The manipulation of the argument dpy may lead to a memory leak, resulting in a crash.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description TEJ RATHI 2022-10-20 08:48:32 UTC 
A vulnerability was found in X.org libX11 and classified as problematic. This issue affects the function _XFreeX11XCBStructure of the file xcb_disp.c. The manipulation of the argument dpy leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211055.

https://vuldb.com/?id.211055
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af
Comment 1 TEJ RATHI 2022-10-20 09:05:19 UTC 
Created libX11 tracking bugs for this issue:

Affects: fedora-all [bug 2136422]
Note You need to log in before you can comment on or make changes to this bug.