FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libX11 -- Arbitrary code execution

Affected packages
libX11 < 1.7.1,1


VuXML ID 58d6ed66-c2e8-11eb-9fb0-6451062f0f7a
Discovery 2021-05-11
Entry 2021-06-01
Modified 2022-02-08

The project reports:

XLookupColor() and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the emission of extra X protocol requests to the X server.


CVE Name CVE-2021-31535