CVE-2024-0229

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0229
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0320 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2169 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-0229 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690 Issue Tracking Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0320 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2169 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-0229 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
History

23 Nov 2024, 03:15

Type Values Removed Values Added
CWE CWE-788

21 Nov 2024, 08:46

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory

18 Oct 2024, 13:49

Type Values Removed Values Added
CWE CWE-787
CPE cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
References () https://access.redhat.com/errata/RHSA-2024:0320 - () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0557 - () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0558 - () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0597 - () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0607 - () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0614 - () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0617 - () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0621 - () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0626 - () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0629 - () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2169 - () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2170 - () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2995 - () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2996 - () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-0229 - () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory
First Time Redhat enterprise Linux
Redhat enterprise Linux Update Services For Sap Solutions
Redhat enterprise Linux Eus
Fedoraproject fedora
Redhat
X.org
X.org xwayland
X.org x Server
Fedoraproject
Redhat enterprise Linux Aus
Redhat enterprise Linux Tus

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2995 -
  • () https://access.redhat.com/errata/RHSA-2024:2996 -

30 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2169 -
  • () https://access.redhat.com/errata/RHSA-2024:2170 -

09 Feb 2024, 07:16

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-09 07:16

Updated : 2024-11-23 03:15

NVD link : CVE-2024-0229

Mitre link : CVE-2024-0229

CVE.ORG link : CVE-2024-0229

JSON object : View

Products Affected

redhat

  • enterprise_linux_tus
  • enterprise_linux_update_services_for_sap_solutions
  • enterprise_linux
  • enterprise_linux_eus
  • enterprise_linux_aus

x.org

  • x_server
  • xwayland

fedoraproject

  • fedora
CWE
CWE-787

Out-of-bounds Write