ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0190
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0190)
Resumen:	The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2021-0190 advisory.
Descripción:	Summary: The remote host is missing an update for the 'x11-server' package(s) announced via the MGASA-2021-0190 advisory. Vulnerability Insight: Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. These issues can lead to privilege escalation for authorized clients on systems where the X server is running privileged (CVE-2021-3472). Affected Software/OS: 'x11-server' package(s) on Mageia 7, Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3472 Debian Security Information: DSA-4893 (Google Search) https://www.debian.org/security/2021/dsa-4893 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/ https://security.gentoo.org/glsa/202104-02 https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd https://seclists.org/oss-sec/2021/q2/20 https://www.tenable.com/plugins/nessus/148701 https://www.zerodayinitiative.com/advisories/ZDI-21-463/ https://bugzilla.redhat.com/show_bug.cgi?id=1944167 https://lists.x.org/archives/xorg-announce/2021-April/003080.html https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html http://www.openwall.com/lists/oss-security/2021/04/13/1
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.