]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fec7644) | patch
xwayland: fix CVE-2025-49176
authorArchana Polampalli <archana.polampalli@windriver.com>
Wed, 2 Jul 2025 15:46:15 +0000 (21:16 +0530)
committerSteve Sakoman <steve@sakoman.com>
Thu, 3 Jul 2025 16:04:44 +0000 (09:04 -0700)
commit0a2c5179e1f08ccd0fcaccb6f95c892ebafac8a8
treef85516d1a2190603f9ed0eef6ea491aa1469c60dtree | snapshot
parentfec7644b70452794fabfb7d967e2124918215440commit | diff
xwayland: fix CVE-2025-49176

A flaw was found in the Big Requests extension. The request length is multiplied
by 4 before checking against the maximum allowed size, potentially causing an
integer overflow and bypassing the size check.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-graphics/xwayland/xwayland/CVE-2025-49176-0001.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland/CVE-2025-49176-0002.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland_23.2.5.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core