Vulnerability CVE-2021-31535

Vulnerability Name:

CVE-2021-31535 (CCN-202043)

Assigned:

2021-05-18

Published:

2021-05-18

Updated:

2021-09-23

Summary:

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-120
CWE-77

Vulnerability Consequences:

Denial of Service

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:x.org:libx11:*:*:*:*:*:*:*:* (Version < 1.7.1)

OR cpe:/o:x.org:x_window_system:*:*:*:*:*:*:*:* (Version <= x11r7.7)

Configuration 2:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:x.org:libx11:1.7.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7553	P	libX11-6-1.6.5-150000.3.27.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:716	P	Security update for postgresql10 (Important)	2022-08-31
oval:org.opensuse.security:def:705	P	Security update for rubygem-rails-html-sanitizer (Moderate)	2022-08-22
oval:org.opensuse.security:def:95277	P	Security update for python-M2Crypto (Important)	2022-07-22
oval:org.opensuse.security:def:3433	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3606	P	libicu-doc-52.1-8.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3617	P	libjson-c2-0.11-2.15 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3420	P	MozillaFirefox-68.1.0-109.92.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94545	P	emacs-27.2-150400.1.49 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2973	P	libX11-6-1.6.5-3.21.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94532	P	curl-7.79.1-150400.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94603	P	libX11-6-1.6.5-3.21.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95251	P	Security update for sssd (Moderate) (in QA)	2022-06-15
oval:org.opensuse.security:def:6045	P	Security update for glib2 (Low)	2022-05-19
oval:org.opensuse.security:def:6021	P	Security update for cifs-utils (Important)	2022-04-27
oval:org.opensuse.security:def:101964	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP3) (Important)	2022-04-15
oval:org.opensuse.security:def:99471	P	(Important)	2022-04-13
oval:org.opensuse.security:def:101990	P	Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP3) (Important)	2022-02-01
oval:org.opensuse.security:def:112570	P	libX11-6-1.7.2-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106055	P	Security update for samba (Important)	2021-11-16
oval:com.redhat.rhsa:def:20214326	P	RHSA-2021:4326: libX11 security update (Moderate)	2021-11-09
oval:org.opensuse.security:def:97000	P	davfs2-1.5.4-1.4 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:97043	P	sysstat-isag-12.0.2-3.6.12 on GA media (Moderate)	2021-09-21
oval:com.redhat.rhsa:def:20213296	P	RHSA-2021:3296: libX11 security update (Important)	2021-08-30
oval:org.opensuse.security:def:99670	P	(Moderate)	2021-08-23
oval:org.opensuse.security:def:101245	P	FastCGI-2.4.0-2.23 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101258	P	cross-nvptx-gcc7-7.5.0+r278197-4.25.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111572	P	Security update for libX11 (Important)	2021-07-10
oval:org.opensuse.security:def:41897	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:39620	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:45485	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:38360	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:46327	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:41055	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:44050	P	Security update for xorg-x11-libX11 (Important)	2021-06-15
oval:org.opensuse.security:def:111428	P	Security update for libX11 (Important)	2021-06-09
oval:org.opensuse.security:def:67134	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:98886	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93745	P	(Important)	2021-06-08
oval:org.opensuse.security:def:9340	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:86576	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:42085	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:57935	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:82584	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:100620	P	(Important)	2021-06-08
oval:org.opensuse.security:def:33922	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:51580	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:92919	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:117439	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:30207	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:70234	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:94171	P	(Important)	2021-06-08
oval:org.opensuse.security:def:10272	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:88445	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:8597	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:59745	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:84612	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:56030	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:92322	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:26068	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:73828	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:69480	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99081	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:9522	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:64522	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93253	P	(Important)	2021-06-08
oval:org.opensuse.security:def:5729	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:83294	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:51903	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93072	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99643	P	(Important)	2021-06-08
oval:org.opensuse.security:def:125548	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:31193	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:76202	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:70412	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99978	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:23592	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:66818	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:89142	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93567	P	(Important)	2021-06-08
oval:org.opensuse.security:def:108656	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:8775	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:85657	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:57016	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:100291	P	(Important)	2021-06-08
oval:org.opensuse.security:def:32938	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:92521	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:5055	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:29377	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:69662	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99272	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93960	P	(Important)	2021-06-08
oval:org.opensuse.security:def:9721	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:87402	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:58761	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:83414	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:101447	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:34456	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:55200	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93225	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:126718	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:31633	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:91936	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:94383	P	(Important)	2021-06-08
oval:org.opensuse.security:def:23915	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:73644	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:89400	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:8970	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:60279	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:86097	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:57456	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:33664	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:92720	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99108	P	(Important)	2021-06-08
oval:org.opensuse.security:def:30087	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:75886	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:69861	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:10094	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:64706	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:88132	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:93410	P	(Important)	2021-06-08
oval:org.opensuse.security:def:107924	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:59487	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:84154	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:55910	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:99956	P	(Important)	2021-06-08
oval:org.opensuse.security:def:127115	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:32112	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:92131	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:111408	P	Security update for libX11 (Moderate)	2021-05-29
oval:org.opensuse.security:def:26057	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:73817	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:39619	P	Security update for xorg-x11-libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:64509	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:5703	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:99637	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:76178	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:66792	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:93563	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:108630	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:100282	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:32926	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:45484	P	Security update for xorg-x11-libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:5044	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:93953	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:87390	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:58749	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:101436	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:34441	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:94376	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:73631	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:60264	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:75860	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:41054	P	Security update for xorg-x11-libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:64695	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:93406	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:107911	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:99947	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:44049	P	Security update for xorg-x11-libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:67110	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:93738	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:42078	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:100611	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:117426	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:94164	P	(Moderate)	2021-05-26

BACK