Vulnerability CVE-2024-0229: Information

Description

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-0229
Published: Feb. 9, 2024
Modified: April 30, 2024
Error type identifier: CWE-788

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
xorg-serverp101.20.14-alt111.20.14-alt12ALT-PU-2024-1183-2338291Fixed
xorg-serverp91.20.8-alt121.20.8-alt12ALT-PU-2024-1181-2338294Fixed
xorg-serverc10f11.20.14-alt111.20.14-alt12ALT-PU-2024-4743-2343922Fixed
xorg-serverc9f21.20.8-alt121.20.8-alt12ALT-PU-2024-3261-2341756Fixed
xorg-xwaylandp1023.1.1-alt423.1.1-alt5ALT-PU-2024-1182-2338291Fixed
xorg-xwaylandc10f123.1.1-alt423.1.1-alt5ALT-PU-2024-4745-2343922Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
RHSA-2024:0320
    RHSA-2024:0557
      RHSA-2024:0558
        RHSA-2024:0597
          RHSA-2024:0607
            RHSA-2024:0614
              RHSA-2024:0617
                RHSA-2024:0621
                  RHSA-2024:0626
                    RHSA-2024:0629
                      https://access.redhat.com/security/cve/CVE-2024-0229
                        RHBZ#2256690
                          RHSA-2024:2169
                            RHSA-2024:2170
                              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                              Version: v24.5.1
                              Back to top