mirror of
https://github.com/X11Libre/xserver.git
synced 2026-03-28 14:19:17 +00:00
80d69f0142
The computation of the length in XkbSizeKeySyms() differs from what is actually written in XkbWriteKeySyms(), leading to a heap overflow. Fix the calculation in XkbSizeKeySyms() to match what kbWriteKeySyms() does. CVE-2025-26596, ZDI-CAN-25543 This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1828>
230 KiB
230 KiB