Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-4029Race Condition in X Server

CWE-362Race Condition10 documents9 sources
Severity
1.9LOWNVD
EPSS
0.8%
top 26.51%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
X.org Xorg-serverX.org X Server
Timeline
PublishedJul 3
Latest updateMay 13

Description

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.

CVSS vector

AV:L/AC:M/C:P/I:N/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages2 packages

NVDx.org/x_server1.11.1+1
Debianx.org/xorg-server< 2:1.11.1.901-2+3

Patches

Patch: cgit.freedesktop.orgPatch: cgit.freedesktop.org

🔴Vulnerability Details

3
GHSA
GHSA-mq85-mwhp-wv55: The LockServer function in os/utils2022-05-13
OSV
CVE-2011-4029: The LockServer function in os/utils2012-07-03
CVEList
CVE-2011-4029: The LockServer function in os/utils2012-07-03

💥Exploits & PoCs

1
Exploit-DB
X.Org xorg 1.4 < 1.11.2 - File Permission Change2011-10-28

📋Vendor Advisories

3
Red Hat
xorg-x11-server: lock file chmod change race condition2011-10-18
Ubuntu
X.Org X server vulnerabilities2011-10-18
Debian
CVE-2011-4029: xorg-server - The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows loca...2011

💬Community

2
Bugzilla
CVE-2011-4028 CVE-2011-4029 xorg-x11-server various flaws [fedora-15]2012-03-02
Bugzilla
CVE-2011-4029 xorg-x11-server: lock file chmod change race condition2011-10-11
CVE-2011-4029 — Race Condition in X.org X Server | cvebase