Errata ALT-PU-2021-3534-1: Information
Fixes
Published: Dec. 17, 2021
BDU:2022-00346
Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 17, 2021
BDU:2022-00347
Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 17, 2021
BDU:2022-00348
Уязвимость функции SProcRenderCompositeGlyphs реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 17, 2021
BDU:2022-00349
Уязвимость функции SwapCreateRegister реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 17, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-4008
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-1547/
- DSA-5027
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- https://security.netapp.com/advisory/ntap-20220114-0004/
- GLSA-202305-30
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
Published: Dec. 17, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-4009
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-1548/
- DSA-5027
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- https://security.netapp.com/advisory/ntap-20220114-0004/
- GLSA-202305-30
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
Published: Dec. 17, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-4010
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-1549/
- DSA-5027
- https://security.netapp.com/advisory/ntap-20220114-0004/
- GLSA-202305-30
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1
Published: Dec. 17, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://lists.x.org/archives/xorg-announce/2021-December/003124.html
- https://lists.x.org/archives/xorg-announce/2021-December/003122.html
- https://www.zerodayinitiative.com/advisories/ZDI-21-1550/
- DSA-5027
- [debian-lts-announce] 20211229 [SECURITY] [DLA 2869-1] xorg-server security update
- https://security.netapp.com/advisory/ntap-20220114-0004/
- GLSA-202305-30
- FEDORA-2021-2eb603951b
- FEDORA-2021-a7fd510294
- FEDORA-2021-69e96c8f68
- FEDORA-2021-664a6554a1