RHSA-2023:2786: Red Hat Security Advisory: wayland security, bug fix, and enhancement update

An update for wayland is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-3782: An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing, a use-after-free can be constructed on the wl_shm_pool tracking structure, where values may be incremented or decremented; it may also be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time.
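As an added illustration of the mechanism this CVE description lays out (constructed example, not code from libwayland-server or Red Hat): a model of a pool whose lifetime is tracked by a plain `int` reference count, showing how the counter wraps once saturated, next to a checked increment that refuses the extra reference so the request can be rejected instead. The names `shm_pool`, `shm_pool_ref` and `shm_pool_unref` are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdlib.h>

/* Constructed model of a shared-memory pool whose lifetime is governed by
 * a signed reference count. Hypothetical names, not libwayland-server's. */
struct shm_pool {
    int refcount;
    size_t size;
};

/* The vulnerable pattern: an int counter bumped for every buffer created
 * from the pool, with no upper bound. Signed overflow is undefined in C,
 * so the wrap is modelled with unsigned arithmetic; on two's-complement
 * targets this is what the hardware does: INT_MAX + 1 becomes INT_MIN. */
int unchecked_increment(int refcount)
{
    return (int)((unsigned)refcount + 1u);
}

/* Hardened increment: refuses a reference once the count is saturated, so
 * the caller can reject the request instead of corrupting pool lifetime. */
bool shm_pool_ref(struct shm_pool *pool)
{
    if (pool->refcount >= INT_MAX)
        return false;
    pool->refcount++;
    return true;
}

/* Drops one reference; frees the pool on the last one and returns true.
 * A non-positive count means the bookkeeping is already broken: abort. */
bool shm_pool_unref(struct shm_pool *pool)
{
    if (pool->refcount <= 0)
        abort();
    if (--pool->refcount > 0)
        return false;
    free(pool);
    return true;
}

/* A pool already holding INT_MAX references takes one more unchecked
 * increment: the count is now negative and no longer tracks live users. */
int wrapped_after_saturation(void)
{
    struct shm_pool pool = { .refcount = INT_MAX, .size = 4096 };
    pool.refcount = unchecked_increment(pool.refcount);
    return pool.refcount; /* INT_MIN */
}

/* Same starting state through the checked API: refused, count untouched. */
bool hardened_refuses_at_saturation(void)
{
    struct shm_pool pool = { .refcount = INT_MAX, .size = 4096 };
    return !shm_pool_ref(&pool) && pool.refcount == INT_MAX;
}

/* Normal lifetime: creator reference plus two buffers, released in turn;
 * the pool must be freed exactly on the third unref and never touched after. */
int normal_lifetime_frees_on_last_unref(void)
{
    struct shm_pool *pool = calloc(1, sizeof *pool);
    pool->refcount = 1;
    shm_pool_ref(pool);
    shm_pool_ref(pool);
    for (int i = 1; i <= 3; i++)
        if (shm_pool_unref(pool))
            return i; /* 3 */
    return 0;
}
```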

Issued: 2023-05-16

Updated: 2023-05-16

RHSA-2023:2786 - Security Advisory


Synopsis

Moderate: wayland security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate


Topic

An update for wayland is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Wayland is a protocol for a compositor to talk to its clients, as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be traditional applications, X servers (rootless or fullscreen) or other display servers.

The following packages have been upgraded to a later upstream version: wayland (1.21.0). (BZ#2137625)

Security Fix(es):

  • wayland: libwayland-server wl_shm reference-count overflow (CVE-2021-3782)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2002627 - CVE-2021-3782 wayland: libwayland-server wl_shm reference-count overflow
  • BZ - 2137625 - Rebase wayland to 1.21 in el8

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index


The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news


Ubuntu Security Notice USN-5614-2

Ubuntu Security Notice 5614-2 - USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Wayland incorrectly handled reference counting of certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2021-3782: Reference count overflow in shm leads to use-after-free (#224) · Issues · wayland / wayland · GitLab

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing, a use-after-free can be constructed on the wl_shm_pool tracking structure, where values may be incremented or decremented; it may also be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time.

Ubuntu Security Notice USN-5614-1

Ubuntu Security Notice 5614-1 - It was discovered that Wayland incorrectly handled reference counting of certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.