PT-2021-5836 · Unknown+10 · Xorg-X11-Server+10
Jan-Niklas Sohn · Published 2021-12-14 · Updated 2024-06-15
CVE-2021-4010
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
xorg-x11-server versions prior to 21.1.2
xorg-x11-server versions prior to 1.20.14
Description
A flaw in xorg-x11-server can produce an out-of-bounds access in the SProcScreenSaverSuspend function. The highest threat from this issue is to data confidentiality and integrity as well as system availability. An out-of-bounds access can occur, potentially allowing an attacker to access confidential data, compromise its integrity, and cause a denial of service.
Recommendations
For xorg-x11-server versions prior to 21.1.2, update to version 21.1.2 or later.
For xorg-x11-server versions prior to 1.20.14, update to version 1.20.14 or later.
As a temporary workaround, consider disabling the SProcScreenSaverSuspend function until a patch is available.
Fix
Buffer Overflow
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
Xorg-X11-Server