CVE-2021-4011

Name
CVE-2021-4011
Description
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://lists.x.org/archives/xorg-announce/2021-December/003124.html
MISC https://lists.x.org/archives/xorg-announce/2021-December/003122.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDHYZM6FII35JA7J275MFCJO6ADJUPQX/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57DCF726O5LLTST4NBL5PQ7DLPB46HT/
MISC https://www.zerodayinitiative.com/advisories/ZDI-21-1550/
DEBIAN https://www.debian.org/security/2021/dsa-5027
MLIST https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXTRPFEQLFZ6NT2LPLZEID664RGC3OCC/
Third Party Advisory https://security.netapp.com/advisory/ntap-20220114-0004/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:* x_server >= None < 1.20.14
cpe:2.3:a:x.org:x_server:21.1.0:*:*:*:*:*:*:* x_server == None == 21.1.0
cpe:2.3:a:x.org:x_server:21.1.1:*:*:*:*:*:*:* x_server == None == 21.1.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status