Vulnerability CVE-2024-21886: Information

Description

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-21886
Published: Feb. 28, 2024
Modified: May 22, 2024
Error type identifier: CWE-122

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
xorg-serverp101.20.14-alt111.20.14-alt13ALT-PU-2024-1183-2338291Fixed
xorg-serverp91.20.8-alt121.20.8-alt12ALT-PU-2024-1181-2338294Fixed
xorg-serverc10f11.20.14-alt111.20.14-alt12ALT-PU-2024-4743-2343922Fixed
xorg-serverc9f21.20.8-alt121.20.8-alt12ALT-PU-2024-3261-2341756Fixed
xorg-xwaylandp1023.1.1-alt423.1.1-alt5ALT-PU-2024-1182-2338291Fixed
xorg-xwaylandc10f123.1.1-alt423.1.1-alt5ALT-PU-2024-4745-2343922Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
RHSA-2024:0320
    RHSA-2024:0557
      RHSA-2024:0558
        RHSA-2024:0597
          RHSA-2024:0607
            RHSA-2024:0614
              RHSA-2024:0617
                RHSA-2024:0621
                  RHSA-2024:0626
                    RHSA-2024:0629
                      https://access.redhat.com/security/cve/CVE-2024-21886
                        RHBZ#2256542
                          RHSA-2024:2169
                            RHSA-2024:2170
                              RHSA-2024:2995
                                RHSA-2024:2996
                                  VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                                  Version: v24.5.1
                                  Back to top