Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-0229

Опубликовано: 09 фев. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
Версия до 21.1.11 (исключая)
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
Версия до 23.2.4 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 60%
0.00408
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2024-0229

CVSS3: 7.8
ubuntu
больше 1 года назад

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

redhat логотип

CVE-2024-0229

CVSS3: 7.8
redhat
больше 1 года назад

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

msrc логотип

CVE-2024-0229

CVSS3: 7.8
msrc
9 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-0229

CVSS3: 7.8
debian
больше 1 года назад

An out-of-bounds memory access flaw was found in the X.Org server. Thi ...

github логотип

GHSA-49wx-9h9f-8c9g

CVSS3: 7.8
github
больше 1 года назад

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

EPSS

Процентиль: 60%
0.00408
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787