LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor function (which sends a request intended for server-side color lookup) contains a flaw: it lets a client send a color-name request whose name is longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data beyond that maximum is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session. The signatures listed below all reference the same libX11 commit and target more than LookupCol.c (for example XStoreNamedColor, XAllocNamedColor, XParseColor, XLoadFont, XSetFontPath and the SetHints.c functions), so a patch-presence check should cover every listed file rather than XLookupColor alone.
[
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XLookupColor",
"file": "src/LookupCol.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-03c4294d",
"signature_type": "Function",
"digest": {
"length": 1204.0,
"function_hash": "194779545851206938191317774910667006767"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XStoreNamedColor",
"file": "src/StNColor.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-06c7a3b3",
"signature_type": "Function",
"digest": {
"length": 805.0,
"function_hash": "57596708029533598651365206010640559677"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/SetFPath.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-06ff8958",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"191720514066239136195297291948358165596",
"236735166600612026233734810992458744372",
"175250586613470016533022889582037947246",
"15820597583791618870090057761206061612",
"323884454437786854138380526354199915375"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XSetClassHint",
"file": "src/SetHints.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-0ed22727",
"signature_type": "Function",
"digest": {
"length": 560.0,
"function_hash": "339492935456616761875859918177051278716"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XAllocNamedColor",
"file": "src/GetColor.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-1452889a",
"signature_type": "Function",
"digest": {
"length": 1283.0,
"function_hash": "272229315376601560145787171691278513077"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/Font.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-174c0404",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"16257440484568987506901834172546690453",
"29592823987098147533264154119221098212",
"150231721246991869990294808332596117824",
"277939570852743938313382357778705813908",
"23540310715949143903583714386511684886",
"41702074481376957366942239806873386079",
"301186063222482847227854460083028620096"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XQueryExtension",
"file": "src/QuExt.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-17f9abb4",
"signature_type": "Function",
"digest": {
"length": 578.0,
"function_hash": "3273904504419152404817559787134880597"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XSetStandardProperties",
"file": "src/SetHints.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-1bc3c9c8",
"signature_type": "Function",
"digest": {
"length": 690.0,
"function_hash": "141049300835485479325261718068060773376"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/ParseCol.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-2ce993a7",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"121881950064672761746840297912490311066",
"313441283645575752615977181693896599727",
"28234959273533793541662092506365956772",
"79396196360508823037340879876919941591"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "_XF86LoadQueryLocaleFont",
"file": "src/Font.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-30877076",
"signature_type": "Function",
"digest": {
"length": 1286.0,
"function_hash": "93291342007330628588149580812011790579"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XSetCommand",
"file": "src/SetHints.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-3311e1dc",
"signature_type": "Function",
"digest": {
"length": 601.0,
"function_hash": "24684718490872317656076989888444743713"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/FontNames.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-3c5cab0b",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"183540688237464359359532939193636150510",
"208313404388619166471369205993232785091",
"321610926566339078421915125242385029692"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XLoadFont",
"file": "src/LoadFont.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-46f466a4",
"signature_type": "Function",
"digest": {
"length": 467.0,
"function_hash": "22089373937851375930563966087998802849"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/SetHints.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-545aeb71",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"31863458945747855404031146347807020032",
"68961041533426996369863547461183352412",
"274053626768630293049051151122532135454",
"296874047534542534430039836340292501045",
"93929287736250484024689755957198032316",
"225080581754741922607453415960086415678",
"3073408934216278589773249814016384519",
"100731358177687282697573601294506188442",
"193296163577986555494456534927255038395",
"288803370994506060175970321761736290351",
"279794168693008621650904745261952586639",
"236622881049090339554616567627678831237",
"177867807698317477636841312789999896209",
"102973379653873905648734011320756338553"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XSetIconName",
"file": "src/StName.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-5af3990e",
"signature_type": "Function",
"digest": {
"length": 247.0,
"function_hash": "30583031230923752344114699184738534690"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/LookupCol.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-5df119da",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"158614489178553825387838154785007706854",
"268358346475244183936174525433343488558",
"207217743611472631402677607440911295277",
"8086225728994918271076276047011540756",
"296162282267076243929351581204304500884",
"44473234487433654380309193110288885415",
"167551788482031049547736823666537207774"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/StNColor.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-60990db3",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"318148898277984628551132884954917923508",
"230272514686543693188884383879003345375",
"223308178260587010079595248684064479913"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/GetColor.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-67d32a13",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"291984676250480342888077324157364398308",
"24052841096178241101704599061165452902",
"27834934316003449013620342270320311669"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/StName.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-76867870",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"31863458945747855404031146347807020032",
"101914556914327229503050354764631718102",
"152408753156262496763212019825099333887",
"283196058586486498443714268776973736929",
"235435633057246815498807168805364311883",
"58183659154948519433500447108239486021",
"267561276077180045214993981380397376757",
"217967526014509531600795984379562621271",
"9603444088893844832578168139879830558",
"150625911743021074390256788328171439261",
"156715389106347318133217079548016383261"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/FontInfo.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-7cd24872",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"80129333695779641381576002661036683501",
"26784690429517856576801970640465559669",
"282982041665519749977830514767598380425"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XParseColor",
"file": "src/ParseCol.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-8a339271",
"signature_type": "Function",
"digest": {
"length": 1835.0,
"function_hash": "226579109019714700817799452827862392636"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XStoreName",
"file": "src/StName.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-8e3196fe",
"signature_type": "Function",
"digest": {
"length": 242.0,
"function_hash": "124867819081785719348192357474512710152"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/LoadFont.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-8e895452",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"312886974931123872537107090712557873142",
"146620374490523123600052805197895021536",
"286742250289382630656494368908146052234",
"319156673997211742746296553108985673051",
"236432169601576487340315636149580793967"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XLoadQueryFont",
"file": "src/Font.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-a1f9ebe0",
"signature_type": "Function",
"digest": {
"length": 752.0,
"function_hash": "66997949985231049690069052670410082328"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XSetFontPath",
"file": "src/SetFPath.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-aa34eb7a",
"signature_type": "Function",
"digest": {
"length": 814.0,
"function_hash": "23833505750581235338172880099508340313"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"file": "src/QuExt.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-c0457bdd",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"183139958355928770822938698230453995145",
"104823369486760063538283238423342242650",
"277481263869901368836241285052202953257",
"169237578015176389816573232424913306841",
"121814899006143998207976236184720190911"
]
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XListFontsWithInfo",
"file": "src/FontInfo.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-c1534411",
"signature_type": "Function",
"digest": {
"length": 3461.0,
"function_hash": "145508344740012304412853084065860036813"
}
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"target": {
"function": "XListFonts",
"file": "src/FontNames.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2021-31535-c2481a39",
"signature_type": "Function",
"digest": {
"length": 1468.0,
"function_hash": "316840535811024662384818677316901887693"
}
}
]