CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:0320
https://access.redhat.com/errata/RHSA-2024:0557
https://access.redhat.com/errata/RHSA-2024:0558
https://access.redhat.com/errata/RHSA-2024:0597
https://access.redhat.com/errata/RHSA-2024:0607
https://access.redhat.com/errata/RHSA-2024:0614
https://access.redhat.com/errata/RHSA-2024:0617
https://access.redhat.com/errata/RHSA-2024:0621
https://access.redhat.com/errata/RHSA-2024:0626
https://access.redhat.com/errata/RHSA-2024:0629
https://access.redhat.com/errata/RHSA-2024:2169
https://access.redhat.com/errata/RHSA-2024:2170
https://access.redhat.com/errata/RHSA-2024:2995
https://access.redhat.com/errata/RHSA-2024:2996
https://access.redhat.com/security/cve/CVE-2024-0229
https://bugzilla.redhat.com/show_bug.cgi?id=2256690

Configurations

No configuration.

History

No history.

Information

Published : 2024-02-09 07:16

Updated : 2024-05-22 17:16

NVD link : CVE-2024-0229

Mitre link : CVE-2024-0229

CVE.ORG link : CVE-2024-0229

JSON object : View

Products Affected

No product.

CWE

CWE-788

Access of Memory Location After End of Buffer

{"id": "CVE-2024-0229", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-02-09T07:16:00.107", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:0320", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0557", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0558", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0597", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0607", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0614", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0617", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0621", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0626", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0629", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2169", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2170", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2995", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2996", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-0229", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690", "source": "secalert@redhat.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-788"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de acceso a la memoria fuera de los l\u00edmites en el servidor X.Org. Este problema puede desencadenarse cuando un dispositivo congelado por una captura de sincronizaci\u00f3n se vuelve a conectar a un dispositivo maestro diferente. Este problema puede provocar una falla de la aplicaci\u00f3n, una escalada de privilegios locales (si el servidor se ejecuta con privilegios extendidos) o la ejecuci\u00f3n remota de c\u00f3digo en entornos de reenv\u00edo SSH X11."}], "lastModified": "2024-05-22T17:16:11.003", "sourceIdentifier": "secalert@redhat.com"}