CVE-2021-34557

XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video outputs.

CVSS v3.0 4.6 MEDIUM
CVSS v2.0 2.1 LOW

4.6^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/QubesOS/qubes-xscreensaver/blob/master/0001-Fix-updating-outputs-info.patch	Patch Third Party Advisory
https://github.com/QubesOS/qubes-issues/issues/6595	Issue Tracking Third Party Advisory
https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-068-2021.txt	Exploit Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/05/1	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/11/1	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/07/06/2	Exploit Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TC4QB7TRS4GS7LDXQQ4PC6J3LVFJYISV/	Mailing List Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:xscreensaver_project:xscreensaver:5.45:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Information

Published : 2021-06-10 09:15

Updated : 2021-09-21 09:39

NVD link : CVE-2021-34557

Mitre link : CVE-2021-34557

JSON object : View

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

Products Affected

xscreensaver_project

xscreensaver

fedoraproject

fedora

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/QubesOS/qubes-xscreensaver/blob/master/0001-Fix-updating-outputs-info.patch", "name": "https://github.com/QubesOS/qubes-xscreensaver/blob/master/0001-Fix-updating-outputs-info.patch", "tags": ["Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/QubesOS/qubes-issues/issues/6595", "name": "https://github.com/QubesOS/qubes-issues/issues/6595", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-068-2021.txt", "name": "https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-068-2021.txt", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.openwall.com/lists/oss-security/2021/06/05/1", "name": "https://www.openwall.com/lists/oss-security/2021/06/05/1", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2021/06/11/1", "name": "[oss-security] 20210611 Re: XScreenSaver 5.45: Disconnecting a video output can cause XScreenSaver to crash and unlock", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2021/07/06/2", "name": "[oss-security] 20210706 xscreensaver 5.45 crash", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TC4QB7TRS4GS7LDXQQ4PC6J3LVFJYISV/", "name": "FEDORA-2021-5af4452ffd", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "FEDORA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video outputs."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-120"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-34557", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.9}}, "publishedDate": "2021-06-10T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:xscreensaver_project:xscreensaver:5.45:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-09-21T16:39Z"}