CVE-2024-0229

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0229
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0320 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2169 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-0229 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
History

18 Oct 2024, 13:49

Type Values Removed Values Added
CPE cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
First Time Redhat
Fedoraproject
Redhat enterprise Linux Tus
Redhat enterprise Linux Aus
X.org
Redhat enterprise Linux Update Services For Sap Solutions
X.org x Server
X.org xwayland
Redhat enterprise Linux
Fedoraproject fedora
Redhat enterprise Linux Eus
CWE CWE-787
References () https://access.redhat.com/errata/RHSA-2024:0320 - () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0557 - () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0558 - () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0597 - () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0607 - () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0614 - () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0617 - () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0621 - () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0626 - () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0629 - () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2169 - () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2170 - () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2995 - () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2996 - () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-0229 - () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2995 -
  • () https://access.redhat.com/errata/RHSA-2024:2996 -

30 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2169 -
  • () https://access.redhat.com/errata/RHSA-2024:2170 -

09 Feb 2024, 07:16

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-09 07:16

Updated : 2024-10-18 13:49

NVD link : CVE-2024-0229

Mitre link : CVE-2024-0229

CVE.ORG link : CVE-2024-0229

JSON object : View

Products Affected

redhat

  • enterprise_linux_aus
  • enterprise_linux_tus
  • enterprise_linux
  • enterprise_linux_update_services_for_sap_solutions
  • enterprise_linux_eus

x.org

  • xwayland
  • x_server

fedoraproject

  • fedora
CWE
CWE-787

Out-of-bounds Write

CWE-788

Access of Memory Location After End of Buffer


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024