PT-2021-8110 · Xwayland+9 · Xwayland+9

Published

2021-07-30

Updated

2024-02-27

CVE-2021-3782

CVSS v3.1

6.6

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Wayland (affected versions not specified)

Description The issue is related to an integer overflow in the reference count of the buffer pool. This can occur when a large number of wl shm buffer objects are created or when the server is coerced into creating a large number of external references to the buffer storage. As a result, a use-after-free can be constructed on the wl shm pool tracking structure, allowing values to be incremented or decremented. Additionally, it may be possible to construct a limited oracle to leak 4 bytes of server-side memory to the attacking client at a time.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2023:2786

ALT-PU-2022-2161

ALT-PU-2022-3316

AZL-11019

BDU:2024-07302

CESA-2023_2786

CVE-2021-3782

MGASA-2022-0418

OESA-2022-1920

RHSA-2023:2786

RHSA-2023_2786

SUSE-SU-2023:1860-1

SUSE-SU-2023:1864-1

SUSE-SU-2023:1873-1

SUSE-SU-2023:1874-1

SUSE-SU-2023_1860-1

SUSE-SU-2023_1864-1

SUSE-SU-2023_1873-1

SUSE-SU-2023_1874-1

USN-5614-1

USN-5614-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Red Hat

Suse

Ubuntu

Xwayland

PT-2021-8110 · Xwayland+9 · Xwayland+9

CVE-2021-3782

Weakness Enumeration

Related Identifiers

Affected Products

References · 39