mirror of
https://git.yoctoproject.org/poky
synced 2026-03-10 01:09:40 +01:00
9da4f8dc2b
In X.Org X server 20.11 through 21.1.16, when a client application
uses easystroke for mouse gestures, the main thread modifies various
data structures used by the input thread without acquiring a lock,
aka a race condition. In particular, AttachDevice in dix/devices.c
does not acquire an input lock.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-49737
Upstream patch:
dc7cb45482
(From OE-Core rev: 740ea9019cf5cf309c5a4ef380eac17d21078ac8)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>