7.8

CVE-2024-0229

Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.23% 0.65
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://access.redhat.com/errata/RHSA-2024:2169
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0320
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/
https://access.redhat.com/security/cve/CVE-2024-0229
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690
Third Party Advisory
Issue Tracking
https://access.redhat.com/errata/RHSA-2025:12751