Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2021-3782: ELSA-2023-2786: wayland security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Linux: CVE-2021-3782: ELSA-2023-2786: wayland security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Severity
6
CVSS
(AV:L/AC:L/Au:S/C:P/I:P/A:C)
Published
07/30/2022
Created
05/25/2023
Added
05/24/2023
Modified
11/27/2024

Description

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing, a use-after-free can be constructed on the wl_shm_pool tracking structure, where values may be incremented or decremented; it may also be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time.

Solution(s)

  • oracle-linux-upgrade-libwayland-client
  • oracle-linux-upgrade-libwayland-cursor
  • oracle-linux-upgrade-libwayland-egl
  • oracle-linux-upgrade-libwayland-server
  • oracle-linux-upgrade-wayland-devel

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;