Lucene search
Cloud FoundryCFOUNDRY:9AC404297487E90478F35DA3FFC8D7E6HistoryJun 11, 2021 - 12:00 a.m.
USN-4966-1: libx11 vulnerability | Cloud Foundry
2021-06-1100:00:00
Cloud Foundry
www.cloudfoundry.org
17
0.116 Low
EPSS
Percentile
95.3%
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 18.04
Description
It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests.
CVEs contained in this USN include: CVE-2021-31535.
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- cflinuxfs3
- All versions prior to 0.239.0
- CF Deployment
- All versions prior to 16.15.0
Mitigation
Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:
- cflinuxfs3
- Upgrade all versions to 0.239.0 or greater
- CF Deployment
- Upgrade all versions to 16.15.0 or greater
References
History
2021-06-11: Initial vulnerability report published.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cflinuxfs3 | lt | 0.239.0 | |
| cf deployment | lt | 16.15.0 |
Related
nessus
nessus
Debian DLA-2666-1 : libx11 security update
2021-05-25 00:00:00
SUSE SLES12 Security Update : libX11 (SUSE-SU-2021:1766-1)
2021-05-27 00:00:00
GLSA-202105-16 : X.Org X11 library: Denial of service
2022-01-24 00:00:00
mageia
mageia
Updated libx11 packages fix a security vulnerability
2021-05-23 04:30:51
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:1765-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:14748-1)
2021-06-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1897-1)
2021-06-09 00:00:00
debian
debian
[SECURITY] [DLA 2666-1] libx11 security update
2021-05-24 07:01:12
[SECURITY] [DSA 4920-1] libx11 security update
2021-05-24 07:08:00
[SECURITY] [DSA 4920-1] libx11 security update
2021-05-24 07:08:00
redhatcve
redhatcve
CVE-2021-31535
2021-05-19 00:27:41
alpinelinux
alpinelinux
CVE-2021-31535
2021-05-27 13:15:08
redhat
redhat
(RHSA-2021:4326) Moderate: libX11 security update
2021-11-09 09:01:07
(RHSA-2021:3296) Important: libX11 security update
2021-08-30 07:55:03
almalinux
almalinux
Moderate: libX11 security update
2021-11-09 09:01:07
ubuntu
ubuntu
libx11 vulnerability
2021-05-25 00:00:00
libx11 vulnerability
2021-05-25 00:00:00
gentoo
gentoo
X.Org X11 library: Denial of service
2021-05-26 00:00:00
oraclelinux
oraclelinux
libX11 security update
2021-08-30 00:00:00
libX11 security update
2021-11-16 00:00:00
ubuntucve
ubuntucve
CVE-2021-31535
2021-05-18 00:00:00
prion
prion
Authorization
2021-05-27 13:15:00
osv
osv
Moderate: libX11 security update
2021-11-09 09:01:07
libx11 - security update
2021-05-24 00:00:00
libx11 - security update
2021-05-24 00:00:00
debiancve
debiancve
CVE-2021-31535
2021-05-27 13:15:08
centos
centos
libX11 security update
2021-08-30 17:31:42
archlinux
archlinux
[ASA-202105-12] libx11: insufficient validation
2021-05-19 00:00:00
freebsd
freebsd
libX11 -- Arbitrary code execution
2021-05-11 00:00:00
amazon
amazon
Important: libX11
2021-07-08 18:38:00
Important: libX11
2021-07-14 20:38:00
slackware
slackware
[slackware-security] libX11
2021-05-19 21:18:57
rocky
rocky
libX11 security update
2021-11-09 09:01:07
nvd
nvd
CVE-2021-31535
2021-05-27 13:15:08
cve
cve
CVE-2021-31535
2021-05-27 13:15:08
suse
suse
Security update for libX11 (moderate)
2021-05-29 00:00:00
Security update for libX11 (important)
2021-07-11 00:00:00
Security update for libX11 (important)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: libX11-1.7.2-3.fc33
2021-08-22 01:02:50
cvelist
cvelist
CVE-2021-31535
2021-05-27 12:26:26
ibm
ibm
Security Bulletin: IBM Security QRadar Event and Flow Exporter App is vulnerable to using components with known vulnerabilities (CVE-2021-31535, CVE-2020-17541)
2022-06-16 18:26:25
packetstorm
packetstorm
libX11 Insufficient Length Check / Injection
2021-05-21 00:00:00