CVE-2021-4009
Description
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.091
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| X.Org X11 server (USN-5193-1) xwayland_21.1.1-0ubuntu1.1_amd64.deb | Linux |
| X.Org X11 server (USN-5193-1) xwayland_21.1.2-0ubuntu1.1_amd64.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core_1.20.11-1ubuntu1.2_i386.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core_1.20.11-1ubuntu1.2_amd64.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core_1.20.13-1ubuntu1.1_i386.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core_1.20.13-1ubuntu1.1_amd64.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core-hwe-18.04_1.20.8-2ubuntu2.2~18.04.6_i386.deb | Linux |
| X.Org X11 server (USN-5193-1) xserver-xorg-core-hwe-18.04_1.20.8-2ubuntu2.2~18.04.6_amd64.deb | Linux |
| SUSE-SU-2021:4119-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-1.19.6-10.29.1.x86_64.rpm | Linux |
| SUSE-SU-2021:4119-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-debuginfo-1.19.6-10.29.1.x86_64.rpm | Linux |
| SUSE-SU-2021:4119-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-debugsource-1.19.6-10.29.1.x86_64.rpm | Linux |
| SUSE-SU-2021:4119-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-extra-1.19.6-10.29.1.x86_64.rpm | Linux |
| SUSE-SU-2021:4119-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-server-extra-debuginfo-1.19.6-10.29.1.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xdmx-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xephyr-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xnest-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xorg-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xvfb-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-Xwayland-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-common-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-devel-1.20.4-17.el7_9.i686.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-devel-1.20.4-17.el7_9.x86_64.rpm | Linux |
| (RHSA-2022:0003) xorg-x11-server security update xorg-x11-server-source-1.20.4-17.el7_9.noarch.rpm | Linux |
| Xorg-x11-server-Xdmx update (ELSA-2022-0003) xorg-x11-server-Xdmx-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-Xephyr update (ELSA-2022-0003) xorg-x11-server-Xephyr-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-Xnest update (ELSA-2022-0003) xorg-x11-server-Xnest-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-Xorg update (ELSA-2022-0003) xorg-x11-server-Xorg-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-Xvfb update (ELSA-2022-0003) xorg-x11-server-Xvfb-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-Xwayland update (ELSA-2022-0003) xorg-x11-server-Xwayland-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-common update (ELSA-2022-0003) xorg-x11-server-common-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-devel update (ELSA-2022-0003) xorg-x11-server-devel-1.20.4-17.el7_9.i686.rpm | Linux |
| Xorg-x11-server-devel update (ELSA-2022-0003) xorg-x11-server-devel-1.20.4-17.el7_9.x86_64.rpm | Linux |
| Xorg-x11-server-source update (ELSA-2022-0003) xorg-x11-server-source-1.20.4-17.el7_9.noarch.rpm | Linux |
| (RHSA-2022:1917) xorg-x11-server and xorg-x11-server-Xwayland security update xorg-x11-server-Xwayland-debugsource-21.1.3-2.el8.x86_64.rpm | Linux |
| (RHSA-2022:1917) xorg-x11-server and xorg-x11-server-Xwayland security update xorg-x11-server-debugsource-1.20.11-5.el8.x86_64.rpm | Linux |
| Xwayland X server (USN-5193-1) xserver-xorg-core_1.19.6-1ubuntu4.10_i386.deb | Linux |
| Xwayland X server (USN-5193-1) xserver-xorg-core_1.19.6-1ubuntu4.10_amd64.deb | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-Xdmx-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-Xephyr-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-Xnest-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-Xorg-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-Xvfb-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-common-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-devel-1.20.14-12.amzn2023.0.2.x86_64.rpm | Linux |
| xorg-x11-server Security Update (ALAS2023-2023-102) xorg-x11-server-source-1.20.14-12.amzn2023.0.2.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234