composite: Fix use-after-free of the COW - xorg/xserver - X server (mirrored from https://gitlab.freedesktop.org/xorg/xserver)

diff options

author	Olivier Fourdan <ofourdan@redhat.com>	2023-03-13 11:08:47 +0100
committer	Olivier Fourdan <ofourdan@redhat.com>	2023-03-29 14:20:26 +0200
commit	fb51d5dd53b02422ea3b6f36bd017488d41f472d (patch)
tree	662f723a1d5f917fa9edecd9bf5bb0a58f7a9c77 /configure.ac
parent	6bed5cfd515b9634ecf73fb884e4ec3388e8b7eb (diff)

composite: Fix use-after-free of the COW

ZDI-CAN-19866/CVE-2023-1393 If a client explicitly destroys the compositor overlay window (aka COW), we would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. Make sure to clear the CompScreen pointer to the COW when the latter gets destroyed explicitly by the client. This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Reviewed-by: Adam Jackson <ajax@redhat.com> (cherry picked from commit 26ef545b3502f61ca722a7a3373507e88ef64110)

Diffstat (limited to 'configure.ac')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: