mirror of
https://github.com/X11Libre/xserver.git
synced 2026-04-14 17:18:09 +00:00
721d4ff4e5
The handler of XFixesSetClientDisconnectMode does not check the client request length. A client could send a shorter request and read data from a former request. Fix the issue by checking the request size matches. CVE-2025-49177 This issue was discovered by Nils Emmerich <nemmerich@ernw.de> and reported by Julian Suleder via ERNW Vulnerability Disclosure. Fixes:e167299f6- xfixes: Add ClientDisconnectMode Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024> (cherry picked from commitab02fb96b1)