CentOS Local Security Checks : CentOS: Security Advisory for xorg-x11-server-common (CESA-2021:2033)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.883349

Categoría: CentOS Local Security Checks

Título: CentOS: Security Advisory for xorg-x11-server-common (CESA-2021:2033)

Resumen: The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the CESA-2021:2033 advisory.

Descripción: Summary:
The remote host is missing an update for the 'xorg-x11-server-common'
package(s) announced via the CESA-2021:2033 advisory.

Vulnerability Insight:
X.Org is an open-source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: XChangeFeedbackControl integer underflow leads to
privilege escalation (CVE-2021-3472)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'xorg-x11-server-common' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3472
Debian Security Information: DSA-4893 (Google Search)
https://www.debian.org/security/2021/dsa-4893
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/
https://security.gentoo.org/glsa/202104-02
https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
https://seclists.org/oss-sec/2021/q2/20
https://www.tenable.com/plugins/nessus/148701
https://www.zerodayinitiative.com/advisories/ZDI-21-463/
https://bugzilla.redhat.com/show_bug.cgi?id=1944167
https://lists.x.org/archives/xorg-announce/2021-April/003080.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html
http://www.openwall.com/lists/oss-security/2021/04/13/1

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.883349
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for xorg-x11-server-common (CESA-2021:2033)
Resumen:	The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the CESA-2021:2033 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xorg-x11-server-common' package(s) announced via the CESA-2021:2033 advisory. Vulnerability Insight: X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation (CVE-2021-3472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'xorg-x11-server-common' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3472 Debian Security Information: DSA-4893 (Google Search) https://www.debian.org/security/2021/dsa-4893 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/ https://security.gentoo.org/glsa/202104-02 https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd https://seclists.org/oss-sec/2021/q2/20 https://www.tenable.com/plugins/nessus/148701 https://www.zerodayinitiative.com/advisories/ZDI-21-463/ https://bugzilla.redhat.com/show_bug.cgi?id=1944167 https://lists.x.org/archives/xorg-announce/2021-April/003080.html https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html http://www.openwall.com/lists/oss-security/2021/04/13/1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH