Security update for xorg-x11-server SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:4122-1 Final 1 1 2021-12-20T11:54:49Z current 2021-12-20T11:54:49Z 2021-12-20T11:54:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xorg-x11-server This update for xorg-x11-server fixes the following issues: - CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190487) - CVE-2021-4010: The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190488) - CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. (bsc#1190489) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2021-4122,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-4122,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-4122,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-4122,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-4122,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-4122,SUSE-Storage-6-2021-4122 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20214122-1/ Link for SUSE-SU-2021:4122-1 https://lists.suse.com/pipermail/sle-security-updates/2021-December/009921.html E-Mail link for SUSE-SU-2021:4122-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1190487 SUSE Bug 1190487 https://bugzilla.suse.com/1190488 SUSE Bug 1190488 https://bugzilla.suse.com/1190489 SUSE Bug 1190489 https://www.suse.com/security/cve/CVE-2021-4009/ SUSE CVE CVE-2021-4009 page https://www.suse.com/security/cve/CVE-2021-4010/ SUSE CVE CVE-2021-4010 page https://www.suse.com/security/cve/CVE-2021-4011/ SUSE CVE CVE-2021-4011 page SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP1 xorg-x11-server-1.20.3-14.5.22.1 xorg-x11-server-extra-1.20.3-14.5.22.1 xorg-x11-server-sdk-1.20.3-14.5.22.1 xorg-x11-server-source-1.20.3-14.5.22.1 xorg-x11-server-wayland-1.20.3-14.5.22.1 xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Enterprise Storage 6 xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Enterprise Storage 6 xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Enterprise Storage 6 xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS xorg-x11-server-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 xorg-x11-server-extra-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 xorg-x11-server-sdk-1.20.3-14.5.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-4009 SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-sdk-1.20.3-14.5.22.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20214122-1/ https://www.suse.com/security/cve/CVE-2021-4009.html CVE-2021-4009 https://bugzilla.suse.com/1190487 SUSE Bug 1190487 A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-4010 SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-sdk-1.20.3-14.5.22.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20214122-1/ https://www.suse.com/security/cve/CVE-2021-4010.html CVE-2021-4010 https://bugzilla.suse.com/1190488 SUSE Bug 1190488 A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-4011 SUSE Enterprise Storage 6:xorg-x11-server-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Enterprise Storage 6:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-BCL:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server 15 SP1-LTSS:xorg-x11-server-sdk-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-extra-1.20.3-14.5.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:xorg-x11-server-sdk-1.20.3-14.5.22.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20214122-1/ https://www.suse.com/security/cve/CVE-2021-4011.html CVE-2021-4011 https://bugzilla.suse.com/1190489 SUSE Bug 1190489 https://bugzilla.suse.com/1196656 SUSE Bug 1196656