Vulnerability Name:

CVE-2021-3472 (CCN-199872)

Assigned: 2021-04-13
Published: 2021-04-13
Updated: 2021-05-19
Summary: A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
7.8 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-191
Vulnerability Consequences: Gain Privileges
References:
Source: MITRE
Type: CNA
CVE-2021-3472

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[oss-security] 20210413 X.Org server security advisory: April 13, 2021

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1944167

Source: XF
Type: UNKNOWN
xorg-cve20213472-priv-esc(199872)

Source: CCN
Type: X.Org Web site
xserver

Source: MISC
Type: Patch, Third Party Advisory
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210415 [SECURITY] [DLA 2627-1] xorg-server security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-112d542766

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-139f3fc21c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-f7b4c97879

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-0e2981e013

Source: MISC
Type: Mailing List, Patch, Vendor Advisory
https://lists.x.org/archives/xorg-announce/2021-April/003080.html

Source: CCN
Type: oss-sec Mailing List, Tue, 13 Apr 2021 16:04:32 +0200
X.Org server security advisory: April 13, 2021

Source: MISC
Type: Mailing List, Patch, Third Party Advisory
https://seclists.org/oss-sec/2021/q2/20

Source: GENTOO
Type: Third Party Advisory
GLSA-202104-02

Source: DEBIAN
Type: Third Party Advisory
DSA-4893

Source: MISC
Type: Third Party Advisory
https://www.tenable.com/plugins/nessus/148701

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-3472

Source: CCN
Type: ZDI-21-463
X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-463/

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:x.org:x_server:*:*:*:*:*:*:*:* (Version < 1.20.11)

Configuration 2:
  • cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:x.org:x_server:1.20.11:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:8072 | P | xorg-x11-server-sdk-21.1.4-150500.5.1 on GA media (Moderate) | 2023-06-20 |
| oval:org.opensuse.security:def:7835 | P | xorg-x11-server-21.1.4-150500.5.1 on GA media (Moderate) | 2023-06-12 |
| oval:org.opensuse.security:def:688 | P | Security update for MozillaThunderbird (Important) | 2022-08-10 |
| oval:org.opensuse.security:def:3382 | P | tcpdump-4.9.2-14.14.1 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:3431 | P | apache2-mod_apparmor-2.8.2-51.18.3 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:3596 | P | libgcrypt20-1.6.1-16.68.1 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:3597 | P | libgme0-0.6.0-5.1 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:3229 | P | libpcap1-1.8.1-10.3.1 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:95198 | P | libEMF1-1.0.13-150400.1.5 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:94859 | P | xorg-x11-server-1.20.3-150400.36.7 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:95061 | P | xorg-x11-server-sdk-1.20.3-150400.36.7 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:94494 | P | apr-util-devel-1.6.1-18.2.1 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:95226 | P | xorg-x11-server-wayland-1.20.3-150200.22.5.52.1 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:94878 | P | python3-seccomp-2.5.3-150400.2.4 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:95227 | P | xwayland-21.1.4-150400.1.12 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:339 | P | xorg-x11-server-1.20.3-22.5.30.1 on GA media (Moderate) | 2022-06-13 |
| oval:org.opensuse.security:def:391 | P | xorg-x11-server-1.20.3-150400.36.7 on GA media (Moderate) | 2022-06-10 |
| oval:org.opensuse.security:def:394 | P | xwayland-21.1.4-150400.1.12 on GA media (Moderate) | 2022-06-10 |
| oval:org.opensuse.security:def:101591 | P | Security update for python-numpy (Moderate) | 2022-01-20 |
| oval:org.opensuse.security:def:113603 | P | xorg-x11-server-1.20.13-1.2 on GA media (Moderate) | 2022-01-17 |
| oval:org.opensuse.security:def:113610 | P | xwayland-21.1.2-2.1 on GA media (Moderate) | 2022-01-17 |
| oval:org.opensuse.security:def:99438 | P | (Moderate) | 2021-12-06 |
| oval:org.opensuse.security:def:106987 | P | xorg-x11-server-1.20.13-1.2 on GA media (Moderate) | 2021-10-01 |
| oval:org.opensuse.security:def:106993 | P | xwayland-21.1.2-2.1 on GA media (Moderate) | 2021-10-01 |
| oval:org.opensuse.security:def:1268 | P | Security update for the Linux Kernel (Important) | 2021-09-23 |
| oval:org.opensuse.security:def:4469 | P | Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5) (Important) | 2021-08-17 |
| oval:org.opensuse.security:def:101911 | P | Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important) | 2021-08-17 |
| oval:org.opensuse.security:def:101115 | P | xorg-x11-server-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:62357 | P | xorg-x11-server-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:63046 | P | xorg-x11-server-sdk-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:72098 | P | xorg-x11-server-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:72765 | P | xorg-x11-server-sdk-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:1957 | P | xorg-x11-server-sdk-1.20.3-22.5.30.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:101207 | P | libndp-devel-1.6-1.26 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:99637 | P | (Moderate) | 2021-05-26 |
| oval:com.redhat.rhsa:def:20212033 | P | RHSA-2021:2033: xorg-x11-server security update (Important) | 2021-05-19 |
| oval:org.opensuse.security:def:99942 | P | (Important) | 2021-05-11 |
| oval:org.opensuse.security:def:111322 | P | Security update for xorg-x11-server (Important) | 2021-04-15 |
| oval:org.opensuse.security:def:30061 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:92488 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:9489 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:69828 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:32069 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:56973 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:83388 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:93192 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:91899 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:8738 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:98849 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:86069 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:30181 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:55169 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:92687 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:9688 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:32896 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:57428 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:84125 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:92094 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:8933 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:99044 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:86533 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:31150 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:55884 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:82553 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:92886 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:70379 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:57892 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:84582 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:29346 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:51536 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:92289 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:69629 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:99239 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:87360 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:31605 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:56004 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:83268 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:23548 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:93039 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:10239 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:96848 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:58719 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:85614 | P | Security update for xorg-x11-server (Important) | 2021-04-14 |
| oval:org.opensuse.security:def:51871 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:39642 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:73593 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:88100 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:5015 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:23883 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:45507 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:108577 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:10636 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:66739 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:34407 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:59456 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:125516 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:96298 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:41077 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:74626 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:70199 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:96845 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:88412 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:117388 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:26028 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:46343 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:109636 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:69445 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:59714 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:126687 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:41913 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:75807 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:107873 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:10059 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:96847 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:5650 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:64471 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:89111 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:33633 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:117771 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:38366 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:102970 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:9305 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:60230 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:127084 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:44072 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:108257 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:70776 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:8560 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:65558 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:89369 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:33891 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |
| oval:org.opensuse.security:def:119776 | P | Security update for xorg-x11-server (Important) | 2021-04-13 |

    x.org x server *
    fedoraproject fedora 32
    fedoraproject fedora 33
    fedoraproject fedora 34
    debian debian linux 9.0
    debian debian linux 10.0
    redhat enterprise linux 7.0
    redhat enterprise linux 8.0
    x.org x server 1.20.11