
Description

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

Status: PUBLISHED | Reserved 2024-10-08 | Published 2024-10-30 | Updated 2026-02-26 | Assigner: redhat

Severity: HIGH 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Problem types

Heap-based Buffer Overflow

Product status

Default status   Version range                          Status
unaffected       1.1.1 (semver) before 21.1.14          affected
affected         0:24.1.5-3.el10_0 (rpm) before *       unaffected
affected         0:1.1.0-25.el6_10.13 (rpm) before *    unaffected
affected         0:1.8.0-34.el7_9 (rpm) before *        unaffected
affected         0:1.20.11-25.el8_10 (rpm) before *     unaffected
affected         0:21.1.3-17.el8_10 (rpm) before *      unaffected
affected         0:1.13.1-14.el8_10 (rpm) before *      unaffected
affected         0:1.9.0-15.el8_2.12 (rpm) before *     unaffected
affected         0:1.11.0-8.el8_4.11 (rpm) before *     unaffected
affected         0:1.11.0-8.el8_4.11 (rpm) before *     unaffected
affected         0:1.11.0-8.el8_4.11 (rpm) before *     unaffected
affected         0:1.12.0-6.el8_6.12 (rpm) before *     unaffected
affected         0:1.12.0-6.el8_6.12 (rpm) before *     unaffected
affected         0:1.12.0-6.el8_6.12 (rpm) before *     unaffected
affected         0:1.12.0-15.el8_8.11 (rpm) before *    unaffected
affected         0:1.14.1-1.el9_5 (rpm) before *        unaffected
affected         0:1.20.11-28.el9_6 (rpm) before *      unaffected
affected         0:23.2.7-3.el9_6 (rpm) before *        unaffected
affected         0:1.11.0-22.el9_0.12 (rpm) before *    unaffected
affected         0:1.12.0-14.el9_2.9 (rpm) before *     unaffected
affected         0:1.13.1-8.el9_4.4 (rpm) before *      unaffected
unknown          (no version range listed)              -
unknown          (no version range listed)              -

Timeline

2024-10-08: Reported to Red Hat.
2024-10-29: Made public.

References

www.openwall.com/lists/oss-security/2024/10/29/2

lists.debian.org/debian-lts-announce/2024/10/msg00031.html

seclists.org/fulldisclosure/2024/Oct/20

access.redhat.com/errata/RHSA-2024:10090 (RHSA-2024:10090) vendor-advisory

access.redhat.com/errata/RHSA-2024:8798 (RHSA-2024:8798) vendor-advisory

access.redhat.com/errata/RHSA-2024:9540 (RHSA-2024:9540) vendor-advisory

access.redhat.com/errata/RHSA-2024:9579 (RHSA-2024:9579) vendor-advisory

access.redhat.com/errata/RHSA-2024:9601 (RHSA-2024:9601) vendor-advisory

access.redhat.com/errata/RHSA-2024:9690 (RHSA-2024:9690) vendor-advisory

access.redhat.com/errata/RHSA-2024:9816 (RHSA-2024:9816) vendor-advisory

access.redhat.com/errata/RHSA-2024:9818 (RHSA-2024:9818) vendor-advisory

access.redhat.com/errata/RHSA-2024:9819 (RHSA-2024:9819) vendor-advisory

access.redhat.com/errata/RHSA-2024:9820 (RHSA-2024:9820) vendor-advisory

access.redhat.com/errata/RHSA-2024:9901 (RHSA-2024:9901) vendor-advisory

access.redhat.com/errata/RHSA-2025:12751 (RHSA-2025:12751) vendor-advisory

access.redhat.com/errata/RHSA-2025:7163 (RHSA-2025:7163) vendor-advisory

access.redhat.com/errata/RHSA-2025:7165 (RHSA-2025:7165) vendor-advisory

access.redhat.com/errata/RHSA-2025:7458 (RHSA-2025:7458) vendor-advisory

access.redhat.com/security/cve/CVE-2024-9632 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2317233 (RHBZ#2317233) issue-tracking

cve.org (CVE-2024-9632)

nvd.nist.gov (CVE-2024-9632)
