[AUTO-CHERRYPICK] [Medium] xorg-x11-server: Fix CVE-2024-0408 - branch main (#12413)

CBL-Mariner-Bot · v-smalavathu · web-flow · commit 7a29fa45af6a · 2025-02-25T11:34:19.000-05:00
Co-authored-by: Sreenivasulu Malavathula (HCL Technologies Ltd) &lt;v-smalavathu@microsoft.com&gt;
diff --git a/SPECS/xorg-x11-server/CVE-2024-0408.patch b/SPECS/xorg-x11-server/CVE-2024-0408.patch
@@ -0,0 +1,38 @@
+From 45680d2a0072f9ea99334eb6027d5b4adfc6c1ff Mon Sep 17 00:00:00 2001
+From: Sreenivasulu Malavathula <v-smalavathu@microsoft.com>
+Date: Thu, 6 Feb 2025 00:59:38 -0600
+Subject: [PATCH] Address CVE-2024-0408
+
+---
+ glx/glxcmds.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/glx/glxcmds.c b/glx/glxcmds.c
+index 75e4282..6a5e939 100644
+--- a/glx/glxcmds.c
++++ b/glx/glxcmds.c
+@@ -48,6 +48,7 @@
+ #include "indirect_util.h"
+ #include "protocol-versions.h"
+ #include "glxvndabi.h"
++#include "xace.h"
+ 
+ static char GLXServerVendorName[] = "SGI";
+ 
+@@ -1371,6 +1372,13 @@ DoCreatePbuffer(ClientPtr client, int screenNum, XID fbconfigId,
+     if (!pPixmap)
+         return BadAlloc;
+ 
++    err = XaceHook(XACE_RESOURCE_ACCESS, client, glxDrawableId, RT_PIXMAP,
++                   pPixmap, RT_NONE, NULL, DixCreateAccess);
++    if (err != Success) {
++        (*pGlxScreen->pScreen->DestroyPixmap) (pPixmap);
++        return err;
++    }
++
+     /* Assign the pixmap the same id as the pbuffer and add it as a
+      * resource so it and the DRI2 drawable will be reclaimed when the
+      * pbuffer is destroyed. */
+-- 
+2.45.2
+
diff --git a/SPECS/xorg-x11-server/xorg-x11-server.spec b/SPECS/xorg-x11-server/xorg-x11-server.spec
@@ -21,7 +21,7 @@
 Summary:        X.Org X11 X server
 Name:           xorg-x11-server
 Version:        1.20.10
-Release:        13%{?dist}
+Release:        14%{?dist}
 License:        MIT
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -98,6 +98,9 @@ Patch523:       0023-xwayland-Fix-setting-of-_XWAYLAND_RANDR_EMU_MONITOR_.patch
 Patch524:       0024-xwayland-Remove-unnecessary-xwl_window_is_toplevel-c.patch
 Patch525:       0025-xwayland-Make-window_get_client_toplevel-non-recursi.patch
 
+# a flaw was founnd in the x.org server in GLX PBuffer
+Patch601:       CVE-2024-0408.patch
+
 BuildRequires:  audit-devel
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -400,6 +403,9 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_datadir}/aclocal/xorg-server.m4
 
 %changelog
+* Thu Feb 06 Sreeniavsulu Malavathula <v-smalavathu@microsoft.com> - 1.20.10-14
+- Patch to fix CVE-2024-0408
+
 * Thu Nov 14 2024 Suresh Babu Chalamalasetty <schalam@microsoft.com> - 1.20.10-13
 - Fix for CVE-2024-9632
 
