]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2c8e82f) | patch
xwayland: fix CVE-2025-49176
authorArchana Polampalli <archana.polampalli@windriver.com>
Thu, 3 Jul 2025 10:23:50 +0000 (15:53 +0530)
committerSteve Sakoman <steve@sakoman.com>
Thu, 3 Jul 2025 20:10:12 +0000 (13:10 -0700)
commit17033023d679a597e31964b0fed2b2e89cdf61ec
tree5f9623a0b6290d39e1ed5e81b5e059c905681647tree | snapshot
parent2c8e82f860792e7fb99c78c512be57ce74774a34commit | diff
xwayland: fix CVE-2025-49176

A flaw was found in the Big Requests extension. The request length is multiplied
by 4 before checking against the maximum allowed size, potentially causing an
integer overflow and bypassing the size check.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-graphics/xwayland/xwayland/CVE-2025-49176-0001.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland/CVE-2025-49176-0002.patch [new file with mode: 0644] blob
meta/recipes-graphics/xwayland/xwayland_22.1.8.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core