poky/xwayland at yocto-4.0.28 - poky

mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00

History

Yogita Urade 9da4f8dc2b xwayland: fix CVE-2022-49737 In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input lock. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-49737 Upstream patch: `dc7cb45482` (From OE-Core rev: 740ea9019cf5cf309c5a4ef380eac17d21078ac8) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-03-27 08:16:30 -07:00
..
xwayland	xwayland: fix CVE-2022-49737	2025-03-27 08:16:30 -07:00
xwayland_22.1.8.bb	xwayland: fix CVE-2022-49737	2025-03-27 08:16:30 -07:00

Yogita Urade 9da4f8dc2b xwayland: fix CVE-2022-49737

In X.Org X server 20.11 through 21.1.16, when a client application
uses easystroke for mouse gestures, the main thread modifies various
data structures used by the input thread without acquiring a lock,
aka a race condition. In particular, AttachDevice in dix/devices.c
does not acquire an input lock.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-49737

Upstream patch:
dc7cb45482

(From OE-Core rev: 740ea9019cf5cf309c5a4ef380eac17d21078ac8)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-03-27 08:16:30 -07:00

xwayland xwayland: fix CVE-2022-49737 2025-03-27 08:16:30 -07:00

xwayland_22.1.8.bb xwayland: fix CVE-2022-49737 2025-03-27 08:16:30 -07:00