{"api_version":"1","generated_at":"2026-04-22T22:59:03+00:00","cve":"CVE-2021-31535","urls":{"html":"https://cve.report/CVE-2021-31535","api":"https://cve.report/api/cve/CVE-2021-31535.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-31535","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-31535"},"summary":{"title":"CVE-2021-31535","description":"LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2021-05-27 13:15:00","updated_at":"2023-11-07 03:34:00"},"problem_types":["CWE-120"],"metrics":[],"references":[{"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E","name":"[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"MLIST","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E","name":"[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"MLIST","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","name":"[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.openwall.com/lists/oss-security/2021/05/18/2","name":"https://www.openwall.com/lists/oss-security/2021/05/18/2","refsource":"MISC","tags":[],"title":"oss-security - libX11 security advisory: May 18, 2021","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E","name":"[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"MLIST","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html","name":"http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html","refsource":"MISC","tags":[],"title":"libX11 Insufficient Length Check / Injection ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","name":"[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2021/dsa-4920","name":"DSA-4920","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4920-1 libx11","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605","name":"https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605","refsource":"MISC","tags":[],"title":"Reject string longer than USHRT_MAX before sending them on the wire (8d2e02ae) · Commits · xorg / lib / libX11 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt","name":"https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://www.openwall.com/lists/oss-security/2021/05/18/3","name":"https://www.openwall.com/lists/oss-security/2021/05/18/3","refsource":"MISC","tags":[],"title":"oss-security - libx11 API Protocol Command Injection","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.freedesktop.org/archives/xorg/","name":"https://lists.freedesktop.org/archives/xorg/","refsource":"MISC","tags":[],"title":"The xorg Archives","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E","name":"[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"MLIST","tags":[],"title":"Pony Mail!","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","name":"[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/","name":"FEDORA-2021-62bb9998b2","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: libX11-1.7.2-3.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/","name":"https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/","refsource":"MISC","tags":[],"title":"Using Xterm to Navigate the Huge Color Space","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html","name":"[debian-lts-announce] 20210524 [SECURITY] [DLA 2666-1] libx11 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2666-1] libx11 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2021/May/52","name":"20210520 CVE-2021-31535 libX11 Insufficient Length Checks PoC and Archeology","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: CVE-2021-31535 libX11 Insufficient Length Checks PoC and\tArcheology","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/","name":"FEDORA-2021-62bb9998b2","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: libX11-1.7.2-3.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2021/05/18/2","name":"[oss-security] 20210518 libX11 security advisory: May 18, 2021","refsource":"MLIST","tags":[],"title":"oss-security - libX11 security advisory: May 18, 2021","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202105-16","name":"GLSA-202105-16","refsource":"GENTOO","tags":[],"title":"X.Org X11 library: Denial of service (GLSA 202105-16) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.x.org/archives/xorg-announce/2021-May/003088.html","name":"https://lists.x.org/archives/xorg-announce/2021-May/003088.html","refsource":"MISC","tags":[],"title":"libX11 security advisory: May 11, 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20210813-0001/","name":"https://security.netapp.com/advisory/ntap-20210813-0001/","refsource":"CONFIRM","tags":[],"title":"CVE-2021-31535 X.Org X Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","name":"[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","refsource":"","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-31535","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-31535","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"31535","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"31535","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"x.org","cpe5":"libx11","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"31535","vulnerable":"1","versionEndIncluding":"x11r7.7","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"x.org","cpe5":"x_window_system","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-31535","qid":"159372","title":"Oracle Enterprise Linux Security Update for libX11 (ELSA-2021-3296)"},{"cve":"CVE-2021-31535","qid":"159490","title":"Oracle Enterprise Linux Security Update for libX11 (ELSA-2021-4326)"},{"cve":"CVE-2021-31535","qid":"178606","title":"Debian Security Update for libx11 (DLA 2666-1)"},{"cve":"CVE-2021-31535","qid":"178619","title":"Debian Security Update for libx11 (DSA 4920-1)"},{"cve":"CVE-2021-31535","qid":"178634","title":"Debian Security Update for libx11 (DSA 4920-1)"},{"cve":"CVE-2021-31535","qid":"179854","title":"Debian Security Update for libx11 (CVE-2021-31535)"},{"cve":"CVE-2021-31535","qid":"198385","title":"Ubuntu Security Notification for libx11 vulnerability (USN-4966-1)"},{"cve":"CVE-2021-31535","qid":"239586","title":"Red Hat Update for libX11 (RHSA-2021:3296)"},{"cve":"CVE-2021-31535","qid":"239780","title":"Red Hat Update for libx11 (RHSA-2021:4326)"},{"cve":"CVE-2021-31535","qid":"257108","title":"CentOS Security Update for libX11 (CESA-2021:3296)"},{"cve":"CVE-2021-31535","qid":"281843","title":"Fedora Security Update for libX11 (FEDORA-2021-62bb9998b2)"},{"cve":"CVE-2021-31535","qid":"296059","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 36.0.1.101.2 Missing (CPUJUL2021)"},{"cve":"CVE-2021-31535","qid":"352474","title":"Amazon Linux Security Advisory for libX11: ALAS-2021-1517"},{"cve":"CVE-2021-31535","qid":"352488","title":"Amazon Linux Security Advisory for libX11: ALAS2-2021-1686"},{"cve":"CVE-2021-31535","qid":"352824","title":"Amazon Linux Security Advisory for libX11: AL2012-2021-348"},{"cve":"CVE-2021-31535","qid":"377071","title":"Alibaba Cloud Linux Security Update for libx11 (ALINUX2-SA-2021:0052)"},{"cve":"CVE-2021-31535","qid":"500335","title":"Alpine Linux Security Update for libx11"},{"cve":"CVE-2021-31535","qid":"501422","title":"Alpine Linux Security Update for libx11"},{"cve":"CVE-2021-31535","qid":"504100","title":"Alpine Linux Security Update for libx11"},{"cve":"CVE-2021-31535","qid":"670647","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2405)"},{"cve":"CVE-2021-31535","qid":"670714","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2472)"},{"cve":"CVE-2021-31535","qid":"670749","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2507)"},{"cve":"CVE-2021-31535","qid":"670776","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2534)"},{"cve":"CVE-2021-31535","qid":"670800","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2558)"},{"cve":"CVE-2021-31535","qid":"670898","title":"EulerOS Security Update for libX11 (EulerOS-SA-2021-2558)"},{"cve":"CVE-2021-31535","qid":"690123","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for libx11 (58d6ed66-c2e8-11eb-9fb0-6451062f0f7a)"},{"cve":"CVE-2021-31535","qid":"710100","title":"Gentoo Linux X.Org X11 library Denial of service vulnerability (GLSA 202105-16)"},{"cve":"CVE-2021-31535","qid":"750037","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1766-1)"},{"cve":"CVE-2021-31535","qid":"750039","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1765-1)"},{"cve":"CVE-2021-31535","qid":"750043","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1766-1)"},{"cve":"CVE-2021-31535","qid":"750045","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1765-1)"},{"cve":"CVE-2021-31535","qid":"750061","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1765-1)"},{"cve":"CVE-2021-31535","qid":"750122","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1892-1)"},{"cve":"CVE-2021-31535","qid":"750130","title":"SUSE Enterprise Linux Security Update for libX11 (SUSE-SU-2021:1897-1)"},{"cve":"CVE-2021-31535","qid":"750167","title":"OpenSUSE Security Update for libX11 (openSUSE-SU-2021:0857-1)"},{"cve":"CVE-2021-31535","qid":"750186","title":"OpenSUSE Security Update for libX11 (openSUSE-SU-2021:0807-1)"},{"cve":"CVE-2021-31535","qid":"750801","title":"OpenSUSE Security Update for libX11 (openSUSE-SU-2021:1897-1)"},{"cve":"CVE-2021-31535","qid":"905131","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libX11 (12509)"},{"cve":"CVE-2021-31535","qid":"940177","title":"AlmaLinux Security Update for libX11 (ALSA-2021:4326)"},{"cve":"CVE-2021-31535","qid":"960405","title":"Rocky Linux Security Update for libX11 (RLSA-2021:4326)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2021-31535","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt","refsource":"MISC","name":"https://unparalleled.eu/publications/2021/advisory-unpar-2021-1.txt"},{"url":"https://lists.freedesktop.org/archives/xorg/","refsource":"MISC","name":"https://lists.freedesktop.org/archives/xorg/"},{"refsource":"MLIST","name":"[oss-security] 20210518 libX11 security advisory: May 18, 2021","url":"http://www.openwall.com/lists/oss-security/2021/05/18/2"},{"refsource":"FULLDISC","name":"20210520 CVE-2021-31535 libX11 Insufficient Length Checks PoC and Archeology","url":"http://seclists.org/fulldisclosure/2021/May/52"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html","url":"http://packetstormsecurity.com/files/162737/libX11-Insufficient-Length-Check-Injection.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210524 [SECURITY] [DLA 2666-1] libx11 security update","url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00021.html"},{"refsource":"DEBIAN","name":"DSA-4920","url":"https://www.debian.org/security/2021/dsa-4920"},{"refsource":"GENTOO","name":"GLSA-202105-16","url":"https://security.gentoo.org/glsa/202105-16"},{"refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2021/05/18/3","url":"https://www.openwall.com/lists/oss-security/2021/05/18/3"},{"refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2021/05/18/2","url":"https://www.openwall.com/lists/oss-security/2021/05/18/2"},{"refsource":"MISC","name":"https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/","url":"https://unparalleled.eu/blog/2021/20210518-using-xterm-to-navigate-the-huge-color-space/"},{"refsource":"MISC","name":"https://lists.x.org/archives/xorg-announce/2021-May/003088.html","url":"https://lists.x.org/archives/xorg-announce/2021-May/003088.html"},{"refsource":"MISC","name":"https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605","url":"https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8d2e02ae650f00c4a53deb625211a0527126c605"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210813-0001/","url":"https://security.netapp.com/advisory/ntap-20210813-0001/"},{"refsource":"FEDORA","name":"FEDORA-2021-62bb9998b2","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEOT4RLB76RVPJQKGGTIKTBIOLHX2NR6/"},{"refsource":"MLIST","name":"[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E"},{"refsource":"MLIST","name":"[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E"},{"refsource":"MLIST","name":"[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E"},{"refsource":"MLIST","name":"[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image","url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E"}]}},"nvd":{"publishedDate":"2021-05-27 13:15:00","lastModifiedDate":"2023-11-07 03:34:00","problem_types":["CWE-120"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:x.org:x_window_system:*:*:*:*:*:*:*:*","versionEndIncluding":"x11r7.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:x.org:libx11:*:*:*:*:*:*:*:*","versionEndExcluding":"1.7.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"31535","Ordinal":"206831","Title":"CVE-2021-31535","CVE":"CVE-2021-31535","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"31535","Ordinal":"1","NoteData":"LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"31535","Ordinal":"2","NoteData":"2021-05-27","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"31535","Ordinal":"3","NoteData":"2021-09-01","Type":"Other","Title":"Modified"}]}}}