pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9854201840
vuln-list-alt/oval/p10/ALT-PU-2021-3623/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

250 lines
12 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20213623",
"Version": "oval:org.altlinux.errata:def:20213623",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-3623: package `xorg-server` update to version 1.20.13-alt5",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-3623",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-3623",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-00346",
"RefURL": "https://bdu.fstec.ru/vul/2022-00346",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00347",
"RefURL": "https://bdu.fstec.ru/vul/2022-00347",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00348",
"RefURL": "https://bdu.fstec.ru/vul/2022-00348",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00349",
"RefURL": "https://bdu.fstec.ru/vul/2022-00349",
"Source": "BDU"
},
{
"RefID": "CVE-2021-4008",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-4008",
"Source": "CVE"
},
{
"RefID": "CVE-2021-4009",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-4009",
"Source": "CVE"
},
{
"RefID": "CVE-2021-4010",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-4010",
"Source": "CVE"
},
{
"RefID": "CVE-2021-4011",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-4011",
"Source": "CVE"
}
],
"Description": "This update upgrades xorg-server to version 1.20.13-alt5. \nSecurity Fix(es):\n\n * BDU:2022-00346: Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-00347: Уязвимость функции SProcXFixesCreatePointerBarrier реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-00348: Уязвимость функции SProcRenderCompositeGlyphs реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-00349: Уязвимость функции SwapCreateRegister реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2021-4008: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n * CVE-2021-4009: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n * CVE-2021-4010: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n * CVE-2021-4011: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n * #38854: Segmentation fault при запуске иксов\n\n * #40888: xorg-server: редкие зависания при старте и попытке разблокировать экран\n\n * #40946: xorg-server не запускается на устройствах с GPU Mali Midgard",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-12-24"
},
"Updated": {
"Date": "2021-12-24"
},
"BDUs": [
{
"ID": "BDU:2022-00346",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-00346",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "BDU:2022-00347",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-00347",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "BDU:2022-00348",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-00348",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "BDU:2022-00349",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2022-00349",
"Impact": "High",
"Public": "20211217"
}
],
"CVEs": [
{
"ID": "CVE-2021-4008",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-4008",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "CVE-2021-4009",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-4009",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "CVE-2021-4010",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-4010",
"Impact": "High",
"Public": "20211217"
},
{
"ID": "CVE-2021-4011",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-4011",
"Impact": "High",
"Public": "20211217"
}
],
"Bugzilla": [
{
"ID": "38854",
"Href": "https://bugzilla.altlinux.org/38854",
"Data": "Segmentation fault при запуске иксов"
},
{
"ID": "40888",
"Href": "https://bugzilla.altlinux.org/40888",
"Data": "xorg-server: редкие зависания при старте и попытке разблокировать экран"
},
{
"ID": "40946",
"Href": "https://bugzilla.altlinux.org/40946",
"Data": "xorg-server не запускается на устройствах с GPU Mali Midgard"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20213623001",
"Comment": "xorg-sdk is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623002",
"Comment": "xorg-server is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623003",
"Comment": "xorg-server-common is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623004",
"Comment": "xorg-xdmx is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623005",
"Comment": "xorg-xephyr is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623006",
"Comment": "xorg-xnest is earlier than 2:1.20.13-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20213623007",
"Comment": "xorg-xvfb is earlier than 2:1.20.13-alt5"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink