CVE-2021-31535
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-31535
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31535.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-31535
- Downstream
- Related
- Published
- 2021-05-27T13:15:08Z
- Modified
- 2025-10-21T05:56:19.485949Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.
- References
-
- http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html
- http://seclists.org/fulldisclosure/2021/May/52
- http://www.openwall.com/lists/oss-security/2021/05/18/2
- https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605
- https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html
- https://lists.freedesktop.org/archives/xorg/
- https://lists.x.org/archives/xorg-announce/2021-May/003088.html
- https://security.gentoo.org/glsa/202105-16
- https://security.netapp.com/advisory/ntap-20210813-0001/
- https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/
- https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt
- https://www.debian.org/security/2021/dsa-4920
- https://www.openwall.com/lists/oss-security/2021/05/18/2
- https://www.openwall.com/lists/oss-security/2021/05/18/3
- https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E
- https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/
Affected packages
Git / github.com/mirror/libx11
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mirror/libx11
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://gitlab.freedesktop.org/xorg/lib/libx11
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
MODULAR_COPY
XACE-SELINUX-MERGE
XORG-6_7_99_1
XORG-6_7_99_2
XORG-6_7_99_902
XORG-6_7_99_903
XORG-6_8_1
XORG-6_8_99_10
XORG-6_8_99_13
XORG-6_8_99_14
XORG-6_8_99_15
XORG-6_8_99_6
XORG-6_8_99_7
XORG-6_8_99_9
XORG-6_8_99_900
XORG-6_8_99_901
XORG-6_8_99_902
XORG-6_8_99_903
XORG-6_99_99_900
XORG-6_99_99_901
XORG-6_99_99_902
XORG-6_99_99_903
XORG-6_99_99_904
XORG-MAIN
libX11-1_0_1
libX11-1_0_2
libX11-1_0_3
libX11-1.*
libX11-1.0.99.1
libX11-1.0.99.2
libX11-1.1
libX11-1.1-RC1
libX11-1.1-RC2
libX11-1.1.1
libX11-1.1.2
libX11-1.1.3
libX11-1.1.4
libX11-1.1.99.2
libX11-1.2
libX11-1.2.1
libX11-1.2.2
libX11-1.2.99.901
libX11-1.3
libX11-1.3.1
libX11-1.3.2
libX11-1.3.3
libX11-1.3.4
libX11-1.3.99.901
libX11-1.3.99.902
libX11-1.3.99.903
libX11-1.4.0
libX11-1.4.1
libX11-1.4.2
libX11-1.4.3
libX11-1.4.4
libX11-1.4.99.1
libX11-1.4.99.901
libX11-1.4.99.902
libX11-1.5.0
libX11-1.5.99.901
libX11-1.5.99.902
libX11-1.6.0
libX11-1.6.1
libX11-1.6.10
libX11-1.6.11
libX11-1.6.12
libX11-1.6.2
libX11-1.6.3
libX11-1.6.4
libX11-1.6.5
libX11-1.6.6
libX11-1.6.7
libX11-1.6.8
libX11-1.6.9
libX11-1.7.0
Database specific
vanir_signatures
[
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/LookupCol.c",
"function": "XLookupColor"
},
"digest": {
"length": 1204.0,
"function_hash": "194779545851206938191317774910667006767"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-03c4294d"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/StNColor.c",
"function": "XStoreNamedColor"
},
"digest": {
"length": 805.0,
"function_hash": "57596708029533598651365206010640559677"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-06c7a3b3"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetFPath.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"191720514066239136195297291948358165596",
"236735166600612026233734810992458744372",
"175250586613470016533022889582037947246",
"15820597583791618870090057761206061612",
"323884454437786854138380526354199915375"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-06ff8958"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetHints.c",
"function": "XSetClassHint"
},
"digest": {
"length": 560.0,
"function_hash": "339492935456616761875859918177051278716"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-0ed22727"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/GetColor.c",
"function": "XAllocNamedColor"
},
"digest": {
"length": 1283.0,
"function_hash": "272229315376601560145787171691278513077"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-1452889a"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/Font.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"16257440484568987506901834172546690453",
"29592823987098147533264154119221098212",
"150231721246991869990294808332596117824",
"277939570852743938313382357778705813908",
"23540310715949143903583714386511684886",
"41702074481376957366942239806873386079",
"301186063222482847227854460083028620096"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-174c0404"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/QuExt.c",
"function": "XQueryExtension"
},
"digest": {
"length": 578.0,
"function_hash": "3273904504419152404817559787134880597"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-17f9abb4"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetHints.c",
"function": "XSetStandardProperties"
},
"digest": {
"length": 690.0,
"function_hash": "141049300835485479325261718068060773376"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-1bc3c9c8"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/ParseCol.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"121881950064672761746840297912490311066",
"313441283645575752615977181693896599727",
"28234959273533793541662092506365956772",
"79396196360508823037340879876919941591"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-2ce993a7"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/Font.c",
"function": "_XF86LoadQueryLocaleFont"
},
"digest": {
"length": 1286.0,
"function_hash": "93291342007330628588149580812011790579"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-30877076"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetHints.c",
"function": "XSetCommand"
},
"digest": {
"length": 601.0,
"function_hash": "24684718490872317656076989888444743713"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-3311e1dc"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/FontNames.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"183540688237464359359532939193636150510",
"208313404388619166471369205993232785091",
"321610926566339078421915125242385029692"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-3c5cab0b"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/LoadFont.c",
"function": "XLoadFont"
},
"digest": {
"length": 467.0,
"function_hash": "22089373937851375930563966087998802849"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-46f466a4"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetHints.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"31863458945747855404031146347807020032",
"68961041533426996369863547461183352412",
"274053626768630293049051151122532135454",
"296874047534542534430039836340292501045",
"93929287736250484024689755957198032316",
"225080581754741922607453415960086415678",
"3073408934216278589773249814016384519",
"100731358177687282697573601294506188442",
"193296163577986555494456534927255038395",
"288803370994506060175970321761736290351",
"279794168693008621650904745261952586639",
"236622881049090339554616567627678831237",
"177867807698317477636841312789999896209",
"102973379653873905648734011320756338553"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-545aeb71"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/StName.c",
"function": "XSetIconName"
},
"digest": {
"length": 247.0,
"function_hash": "30583031230923752344114699184738534690"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-5af3990e"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/LookupCol.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"158614489178553825387838154785007706854",
"268358346475244183936174525433343488558",
"207217743611472631402677607440911295277",
"8086225728994918271076276047011540756",
"296162282267076243929351581204304500884",
"44473234487433654380309193110288885415",
"167551788482031049547736823666537207774"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-5df119da"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/StNColor.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"318148898277984628551132884954917923508",
"230272514686543693188884383879003345375",
"223308178260587010079595248684064479913"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-60990db3"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/GetColor.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"262504001726064536913730362978503461039",
"21668516314201488491497005893235019520",
"36409840772859001858509127713312563951",
"291984676250480342888077324157364398308",
"24052841096178241101704599061165452902",
"27834934316003449013620342270320311669"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-67d32a13"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/StName.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"31863458945747855404031146347807020032",
"101914556914327229503050354764631718102",
"152408753156262496763212019825099333887",
"283196058586486498443714268776973736929",
"235435633057246815498807168805364311883",
"58183659154948519433500447108239486021",
"267561276077180045214993981380397376757",
"217967526014509531600795984379562621271",
"9603444088893844832578168139879830558",
"150625911743021074390256788328171439261",
"156715389106347318133217079548016383261"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-76867870"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/FontInfo.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"80129333695779641381576002661036683501",
"26784690429517856576801970640465559669",
"282982041665519749977830514767598380425"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-7cd24872"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/ParseCol.c",
"function": "XParseColor"
},
"digest": {
"length": 1835.0,
"function_hash": "226579109019714700817799452827862392636"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-8a339271"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/StName.c",
"function": "XStoreName"
},
"digest": {
"length": 242.0,
"function_hash": "124867819081785719348192357474512710152"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-8e3196fe"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/LoadFont.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"312886974931123872537107090712557873142",
"146620374490523123600052805197895021536",
"286742250289382630656494368908146052234",
"319156673997211742746296553108985673051",
"236432169601576487340315636149580793967"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-8e895452"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/Font.c",
"function": "XLoadQueryFont"
},
"digest": {
"length": 752.0,
"function_hash": "66997949985231049690069052670410082328"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-a1f9ebe0"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/SetFPath.c",
"function": "XSetFontPath"
},
"digest": {
"length": 814.0,
"function_hash": "23833505750581235338172880099508340313"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-aa34eb7a"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/QuExt.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"50740766647139537254525501348017655566",
"183139958355928770822938698230453995145",
"104823369486760063538283238423342242650",
"277481263869901368836241285052202953257",
"169237578015176389816573232424913306841",
"121814899006143998207976236184720190911"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2021-31535-c0457bdd"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/FontInfo.c",
"function": "XListFontsWithInfo"
},
"digest": {
"length": 3461.0,
"function_hash": "145508344740012304412853084065860036813"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-c1534411"
},
{
"source": "https://gitlab.freedesktop.org/xorg/lib/libx11@8d2e02ae650f00c4a53deb625211a0527126c605",
"signature_version": "v1",
"target": {
"file": "src/FontNames.c",
"function": "XListFonts"
},
"digest": {
"length": 1468.0,
"function_hash": "316840535811024662384818677316901887693"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2021-31535-c2481a39"
}
]