X.Org X11 library: Denial of service A vulnerability in X.Org X11 library could lead to a Denial of Service condition. libx11 2021-05-26 2021-05-26 790824 remote 1.7.1 1.7.1

X.Org is an implementation of the X Window System. The X.Org X11 library provides the X11 protocol library files.

It was discovered that XLookupColor() and other X.Org X11 library functions lacked proper validation of the length of their string parameters.

An attacker could emit arbitrary X protocol requests to the X server through malicious crafted string parameters in applications linked against X.Org X11 library.

There is no known workaround at this time.

All X.Org X11 library users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/libX11-1.7.1" CVE-2021-31535 whissi whissi