Lucene search

K
cveRedhatCVE-2021-4009
HistoryDec 17, 2021 - 5:15 p.m.

CVE-2021-4009

2021-12-1717:15:13
CWE-119
redhat
web.nvd.nist.gov
131
xorg-x11-server
cve-2021-4009
vulnerability
data confidentiality
data integrity
system availability
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

17.9%

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected configurations

Nvd
Vulners
Node
x.orgx_serverRange<1.20.14
OR
x.orgx_serverMatch21.1.0
OR
x.orgx_serverMatch21.1.1
Node
fedoraprojectfedoraMatch34
OR
fedoraprojectfedoraMatch35
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
OR
debiandebian_linuxMatch11.0
VendorProductVersionCPE
x\.orgxorg\-server*cpe:2.3:a:x\.org:xorg\-server:*:*:*:*:*:*:*:*
x\.orgxorg\-server*cpe:2.3:a:x\.org:xorg\-server:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "xorg-x11-server",
    "versions": [
      {
        "version": "xorg-x11-server 21.1.2, xorg-x11-server 1.20.14",
        "status": "affected"
      }
    ]
  }
]

References

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

17.9%