Home

CVE-2021-3472

Description

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.093

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2021:1181-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-1.19.6-10.23.1.x86_64.rpmLinux
SUSE-SU-2021:1181-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-debuginfo-1.19.6-10.23.1.x86_64.rpmLinux
SUSE-SU-2021:1181-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-debugsource-1.19.6-10.23.1.x86_64.rpmLinux
SUSE-SU-2021:1181-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-extra-1.19.6-10.23.1.x86_64.rpmLinux
SUSE-SU-2021:1181-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-extra-debuginfo-1.19.6-10.23.1.x86_64.rpmLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.19.6-1ubuntu4.9_i386.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.19.6-1ubuntu4.9_amd64.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.20.9-2ubuntu1.3_i386.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.20.9-2ubuntu1.3_amd64.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.20.9-2ubuntu1.2~20.04.2_i386.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core_1.20.9-2ubuntu1.2~20.04.2_amd64.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core-hwe-18.04_1.20.8-2ubuntu2.2~18.04.5_i386.debLinux
X.Org X11 server (USN-4905-1) xserver-xorg-core-hwe-18.04_1.20.8-2ubuntu2.2~18.04.5_amd64.debLinux
Xorg-x11-server-Xdmx update (ELSA-2021-2033) xorg-x11-server-Xdmx-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-Xephyr update (ELSA-2021-2033) xorg-x11-server-Xephyr-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-Xnest update (ELSA-2021-2033) xorg-x11-server-Xnest-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-Xorg update (ELSA-2021-2033) xorg-x11-server-Xorg-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-Xvfb update (ELSA-2021-2033) xorg-x11-server-Xvfb-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-Xwayland update (ELSA-2021-2033) xorg-x11-server-Xwayland-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-common update (ELSA-2021-2033) xorg-x11-server-common-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-devel update (ELSA-2021-2033) xorg-x11-server-devel-1.20.4-16.el7_9.i686.rpmLinux
Xorg-x11-server-devel update (ELSA-2021-2033) xorg-x11-server-devel-1.20.4-16.el7_9.x86_64.rpmLinux
Xorg-x11-server-source update (ELSA-2021-2033) xorg-x11-server-source-1.20.4-16.el7_9.noarch.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xdmx-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xephyr-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xnest-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xorg-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xvfb-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-Xwayland-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-common-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-devel-1.20.4-16.el7_9.i686.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-devel-1.20.4-16.el7_9.x86_64.rpmLinux
(RHSA-2021:2033) xorg-x11-server security update xorg-x11-server-source-1.20.4-16.el7_9.noarch.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234