CVE-2024-0229

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-0229
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0229.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-0229
Downstream
Related
Published
2024-02-09T06:29:51.542Z
Modified
2026-06-18T03:54:41.794357303Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Details

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

Database specific 
{
    "cwe_ids": [
        "CWE-787"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/0xxx/CVE-2024-0229.json",
    "cna_assigner": "redhat"
}
References

Affected packages

Git / gitlab.freedesktop.org/xorg/xserver

Affected ranges

Type
GIT
Repo
https://gitlab.freedesktop.org/xorg/xserver
Events
Introduced
2a327e58609e2bf53a9043eab4b36bc64168197a
Fixed
31407c0199da877b359b2e37bb371804321279b7
Database specific 
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "21.1.0"
        },
        {
            "fixed": "21.1.11"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0229.json"