OESA-2021-1468

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1468
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1468.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2021-1468
Published
2021-12-24T11:03:25Z
Modified
2025-08-12T05:09:55.560698Z
Summary
xorg-x11-server security update
Details

Xorg server common files.

Security Fix(es):

A security issue has been found in X.Org before version 21.1.2 and Xwayland before version 21.1.4. The handler for the CompositeGlyphs request of the Render extension does not properly validate the request length, leading to an out-of-bounds memory write. This can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions. (CVE-2021-4008)

A security issue has been found in X.Org before version 21.1.2 and Xwayland before version 21.1.4. The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length, leading to an out-of-bounds memory write. This can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions. (CVE-2021-4009)

A security issue has been found in X.Org before version 21.1.2 and Xwayland before version 21.1.4. The handler for the Suspend request of the Screen Saver extension does not properly validate the request length, leading to an out-of-bounds memory write. This can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions. (CVE-2021-4010)

A security issue has been found in X.Org before version 21.1.2 and Xwayland before version 21.1.4. The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length, leading to an out-of-bounds memory write. This can lead to local privilege elevation on systems where the X server is running privileged and remote code execution for SSH X forwarding sessions. (CVE-2021-4011)

Database specific
{
    "severity": "High"
}
Affected packages

openEuler:20.03-LTS-SP1 / xorg-x11-server

Package

Name
xorg-x11-server
Purl
pkg:rpm/openEuler/xorg-x11-server&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.20.8-10.oe1

Ecosystem specific

{
    "aarch64": [
        "xorg-x11-server-1.20.8-10.oe1.aarch64.rpm",
        "xorg-x11-server-devel-1.20.8-10.oe1.aarch64.rpm",
        "xorg-x11-server-Xephyr-1.20.8-10.oe1.aarch64.rpm",
        "xorg-x11-server-debuginfo-1.20.8-10.oe1.aarch64.rpm",
        "xorg-x11-server-debugsource-1.20.8-10.oe1.aarch64.rpm"
    ],
    "src": [
        "xorg-x11-server-1.20.8-10.oe1.src.rpm"
    ],
    "noarch": [
        "xorg-x11-server-help-1.20.8-10.oe1.noarch.rpm"
    ],
    "x86_64": [
        "xorg-x11-server-debugsource-1.20.8-10.oe1.x86_64.rpm",
        "xorg-x11-server-debuginfo-1.20.8-10.oe1.x86_64.rpm",
        "xorg-x11-server-Xephyr-1.20.8-10.oe1.x86_64.rpm",
        "xorg-x11-server-devel-1.20.8-10.oe1.x86_64.rpm",
        "xorg-x11-server-1.20.8-10.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP2 / xorg-x11-server

Package

Name
xorg-x11-server
Purl
pkg:rpm/openEuler/xorg-x11-server&distro=openEuler-20.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.20.8-11.oe1

Ecosystem specific

{
    "aarch64": [
        "xorg-x11-server-debuginfo-1.20.8-11.oe1.aarch64.rpm",
        "xorg-x11-server-debugsource-1.20.8-11.oe1.aarch64.rpm",
        "xorg-x11-server-devel-1.20.8-11.oe1.aarch64.rpm",
        "xorg-x11-server-Xephyr-1.20.8-11.oe1.aarch64.rpm",
        "xorg-x11-server-1.20.8-11.oe1.aarch64.rpm"
    ],
    "src": [
        "xorg-x11-server-1.20.8-11.oe1.src.rpm"
    ],
    "noarch": [
        "xorg-x11-server-help-1.20.8-11.oe1.noarch.rpm"
    ],
    "x86_64": [
        "xorg-x11-server-devel-1.20.8-11.oe1.x86_64.rpm",
        "xorg-x11-server-debuginfo-1.20.8-11.oe1.x86_64.rpm",
        "xorg-x11-server-debugsource-1.20.8-11.oe1.x86_64.rpm",
        "xorg-x11-server-Xephyr-1.20.8-11.oe1.x86_64.rpm",
        "xorg-x11-server-1.20.8-11.oe1.x86_64.rpm"
    ]
}