PT-2021-5839 · X.Org+10 · Xorg-X11-Server+10
Jan-Niklas Sohn · Published 2021-12-14 · Updated 2024-06-15 · CVE-2021-4011
CVSS v3.1: 7.8 High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
xorg-x11-server versions prior to 21.1.2
xorg-x11-server versions prior to 1.20.14
Description
A flaw was found in xorg-x11-server, where an out-of-bounds access can occur in the SwapCreateRegister function. This issue is related to the X Window System X.Org Server implementation and is associated with an out-of-bounds operation in the data buffer. The highest threat from this issue is to data confidentiality and integrity as well as system availability. Exploitation of the flaw may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. The vulnerability can be exploited by sending specially crafted requests, such as RecordCreateContext and RecordRegisterClients, to execute arbitrary code with elevated privileges.
Recommendations
For xorg-x11-server versions prior to 21.1.2, update to version 21.1.2 or later.
For xorg-x11-server versions prior to 1.20.14, update to version 1.20.14 or later.
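The version thresholds above can be checked against the banner printed by `Xorg -version`. The following is an added example, not code from the advisory or from X.Org. It assumes the two "prior to" statements describe the 1.x and 21.x release branches separately, and it compares upstream version numbers only, so a distribution package that carries a backported fix under an older version number will still be reported as affected.

```python
import re

# Fixed upstream releases as listed on this page, keyed by major version.
# Assumption: the two "prior to" statements apply to the 1.x and 21.x
# release branches separately.
FIXED = {1: (1, 20, 14), 21: (21, 1, 2)}

_VERSION_RE = re.compile(r"X\.Org X Server (\d+)\.(\d+)\.(\d+)")


def parse_xorg_version(banner):
    """Extract (major, minor, patch) from `Xorg -version` style text, or None."""
    m = _VERSION_RE.search(banner)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(banner):
    """Return 'affected', 'fixed' or 'unknown' for an upstream version banner."""
    version = parse_xorg_version(banner)
    if version is None:
        return "unknown"          # not an X.Org server banner
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "unknown"          # branch not covered by the advisory text
    # Tuple comparison is numeric per component, so 1.9.5 sorts before
    # 1.20.14 (a plain string comparison would get this wrong).
    return "affected" if version < fixed else "fixed"


# Constructed sample banners (not captured from real hosts).
SAMPLES = [
    "X.Org X Server 1.20.13",
    "X.Org X Server 1.20.14",
    "X.Org X Server 21.1.1",
    "X.Org X Server 21.1.2",
    "X.Org X Server 1.9.5",
    "Xwayland 22.1.0",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{line!r:32} -> {classify(line)}")
```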
As a temporary workaround, consider disabling the SwapCreateRegister function until a patch is available. Restrict access to the Record extension to minimize the risk of exploitation. Avoid using the RecordCreateContext and RecordRegisterClients requests in the affected API endpoint until the issue is resolved.
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
Xorg-X11-Server