CVE-2021-4008
17.12.2021, 17:15
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| x.org | x_server | 𝑥 < 1.20.14 |
| x.org | x_server | 21.1.0 |
| x.org | x_server | 21.1.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| xorg-server |
| ||||||||||||||||||
| xorg-server-hwe-16.04 |
| ||||||||||||||||||
| xorg-server-hwe-18.04 |
| ||||||||||||||||||
| xwayland |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| xorg-x11-server |
| ||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-Xvfb |
| ||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-extra |
| ||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-sdk |
| ||||||||||||||||||||||||||||||||||||||||||||||
| xorg-x11-server-wayland |
| ||||||||||||||||||||||||||||||||||||||||||||||
| xwayland |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| xorg-x11-server-Xdmx |
| ||||
| xorg-x11-server-Xephyr |
| ||||
| xorg-x11-server-Xnest |
| ||||
| xorg-x11-server-Xorg |
| ||||
| xorg-x11-server-Xvfb |
| ||||
| xorg-x11-server-Xwayland |
| ||||
| xorg-x11-server-common |
| ||||
| xorg-x11-server-devel |
| ||||
| xorg-x11-server-source |
|
Common Weakness Enumeration
References