Package xorg-server updated to version 1.20.13-alt5 for branch p10 in task 291987.

Published: 2021-12-17

BDU:2022-00346

Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: MEDIUM (6.8) Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2021-4010

Published: 2021-12-17

BDU:2022-00347

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: MEDIUM (6.8) Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2021-4009

Published: 2021-12-17

BDU:2022-00348

Уязвимость функции SProcRenderCompositeGlyphs реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: MEDIUM (6.8) Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2021-4008

Published: 2021-12-17

BDU:2022-00349

Уязвимость функции SwapCreateRegister реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: MEDIUM (6.8) Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2021-4011

Published: 2021-12-17
Modified: 2024-11-21

CVE-2021-4008

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2021-12-17
Modified: 2024-11-21

CVE-2021-4009

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2021-12-17
Modified: 2024-11-21

CVE-2021-4010

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2021-12-17
Modified: 2024-11-21

CVE-2021-4011

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Severity: HIGH (7.2) Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Segmentation fault при запуске иксов

xorg-server: редкие зависания при старте и попытке разблокировать экран

xorg-server не запускается на устройствах с GPU Mali Midgard

Version: 2.1.2

Package xorg-server update in p10 on 2021-12-24

ALT-PU-2021-3623-1

Closed vulnerabilities

BDU:2022-00346

BDU:2022-00347

BDU:2022-00348

BDU:2022-00349

CVE-2021-4008

CVE-2021-4009

CVE-2021-4010

CVE-2021-4011

Closed bugs

Bug #38854

Bug #40888

Bug #40946