- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202310-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: libinput: format string vulnerability when using xf86-input-libinput
Date: October 26, 2023
Bugs: #839729
ID: 202310-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
A vulnerability has been discovered in libinput where an attacker may
run malicous code by exploiting a format string vulnerability.
Background
==========
A library to handle input devices in Wayland and, via xf86-input-
libinput, in X.org.
Affected packages
=================
Package Vulnerable Unaffected
----------------- ------------ ------------
dev-libs/libinput < 1.20.1 >= 1.20.1
Description
===========
An attacker may be able to run malicious code by exploiting a format
string vulnerability. Please review the CVE identifier referenced below
for details.
Impact
======
When a device is detected by libinput, libinput logs several messages
through log handlers set up by the callers. These log handlers usually eventually result in a printf call. Logging happens with the privileges
of the caller, in the case of Xorg this may be root.
The device name ends up as part of the format string and a kernel device
with printf-style format string placeholders in the device name can
enable an attacker to run malicious code. An exploit is possible through
any device where the attacker controls the device name, e.g. /dev/uinput
or Bluetooth devices.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All libinput users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libinput-1.20.1"
References
==========
[ 1 ] CVE-2022-1215
https://nvd.nist.gov/vuln/detail/CVE-2022-1215
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-14
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmU57ZkACgkQFMQkOaVy +9kCig/9GToeoolNhO9esdxY1Sh5UgLgsMhCL3RtDtis/a8wvckPmnar5j5dGMAe F5pVQFHuXH0MUV+jfK11Ho1//r2akjI0CVykPOOpMQRgMzLm+qtpmXY0qeHMQ37y lMnVR21jGlQuf9BHyzTjvYQJN/a2r1inlS5snOZG2pUBfNsG7xQoeO7OeKzXbg6R BDfJVdupCldOumgKegVtKrzfTalRfMcvADpFyP1qT17mPkhImOpz0zTIPr/UvtCe 9E+SRlFwEfGQhU12VE5xoWzRqnytPwWqTje4ZpXWZqTcDeEAbYCHhb1sF+GLmFUC 63cctipkfBbWKk830Z5h0Pjm8I1tK8YeuCIwrSGgsy7jdVdsJ5d3zi1EW9F/EEKa Y4CIZTS0qonxgo87rM/ibzBvebyLa6JYHAXw8Hjqr352fvAIsI7JRmRd269gR6nk 9vvO3wykUmiAtWVQecu9AWbe/YD3FaYSV08IEWh3QJW+7HNhiNViBvHa7KcCTOHm o07pFmB8W0JjzsT8brrzPBXoEAkJB2M+99MrzTJtYd8bNx7tiAA/jdBl95X02rE9 EihbSfOfDGFwDiGvQmCxN93ntwCpHSrCP6ORr+VzWaiL0yEfj6wqJ5HPhV0nVk6k l+ZA/pHiaL9B59+i6xtAmc/jzKhhsYRGcIJWaMxC0sA3dT5EdMM=
=voU0
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)