Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-0409 (GCVE-0-2024-0409)
Vulnerability from cvelistv5 – Published: 2024-01-18 15:40 – Updated: 2025-11-20 07:09
VLAI?
EPSS
Title
Xorg-x11-server: selinux context corruption
Summary
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:0320 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:2169 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:2170 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:2995 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:2996 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-0409 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2257690 | issue-trackingx_refsource_REDHAT |
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
21.1.0 , < 21.1.11
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 7 |
Unaffected:
0:1.20.4-27.el7_9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::client cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:enterprise_linux:7::computenode |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:1.20.11-22.el8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:21.1.3-15.el8 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.20.11-24.el9 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:22.1.9-5.el9 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public ?
2024-01-16 00:00
Credits
Red Hat would like to thank Olivier Fourdan for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:0320",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"name": "RHSA-2024:2169",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"name": "RHSA-2024:2170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"name": "RHSA-2024:2995",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"name": "RHSA-2024:2996",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"name": "RHBZ#2257690",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-30"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T16:47:29.032982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:19:21.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
"defaultStatus": "unaffected",
"packageName": "xorg-server",
"versions": [
{
"lessThan": "21.1.11",
"status": "affected",
"version": "21.1.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::workstation",
"cpe:/o:redhat:enterprise_linux:7::client",
"cpe:/o:redhat:enterprise_linux:7::server",
"cpe:/o:redhat:enterprise_linux:7::computenode"
],
"defaultStatus": "affected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.20.4-27.el7_9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.20.11-22.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "xorg-x11-server-Xwayland",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:21.1.3-15.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.20.11-24.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "xorg-x11-server-Xwayland",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:22.1.9-5.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "xorg-x11-server",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "tigervnc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Olivier Fourdan for reporting this issue."
}
],
"datePublic": "2024-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T07:09:01.279Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:0320",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"name": "RHSA-2024:2169",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"name": "RHSA-2024:2170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"name": "RHSA-2024:2995",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"name": "RHSA-2024:2996",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"name": "RHBZ#2257690",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-10T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-16T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Xorg-x11-server: selinux context corruption",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-787: Out-of-bounds Write"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-0409",
"datePublished": "2024-01-18T15:40:22.071Z",
"dateReserved": "2024-01-10T21:15:38.712Z",
"dateUpdated": "2025-11-20T07:09:01.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-0409",
"date": "2026-05-20",
"epss": "0.00015",
"percentile": "0.03228"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.13.1\", \"matchCriteriaId\": \"9C935C5C-1450-47E2-8736-EDED8D49475D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.1.11\", \"matchCriteriaId\": \"565381E7-E0BD-408F-B970-34E9724B1B08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"23.2.4\", \"matchCriteriaId\": \"1FE48099-1D7F-444E-8F0C-FAB71F25AD71\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"566507B6-AC95-47F7-A3FB-C6F414E45F51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CDCFF34-6F1D-45A1-BE37-6A0E17B04801\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37CE1DC7-72C5-483C-8921-0B462C8284D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una falla en el servidor X.Org. El c\\u00f3digo del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creaci\\u00f3n. Utiliza el tipo de bits del cursor con el cursor como privado y, al iniciar el cursor, sobrescribe el contexto XSELINUX.\"}]",
"id": "CVE-2024-0409",
"lastModified": "2024-11-21T08:46:31.373",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-01-18T16:15:08.593",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2024:0320\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2169\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2170\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2995\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2996\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0409\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:0320\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2169\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2995\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2996\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0409\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-30\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240307-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-0409\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-01-18T16:15:08.593\",\"lastModified\":\"2025-08-29T13:42:30.557\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en el servidor X.Org. El c\u00f3digo del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creaci\u00f3n. Utiliza el tipo de bits del cursor con el cursor como privado y, al iniciar el cursor, sobrescribe el contexto XSELINUX.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.13.1\",\"matchCriteriaId\":\"9C935C5C-1450-47E2-8736-EDED8D49475D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.11\",\"matchCriteriaId\":\"049C23AF-DFA5-4F08-A3E6-BBBF75581F05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"23.2.4\",\"matchCriteriaId\":\"1FE48099-1D7F-444E-8F0C-FAB71F25AD71\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"566507B6-AC95-47F7-A3FB-C6F414E45F51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CDCFF34-6F1D-45A1-BE37-6A0E17B04801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37CE1DC7-72C5-483C-8921-0B462C8284D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0320\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2169\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2170\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2995\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2996\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-0409\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:0320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2169\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2995\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:2996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-0409\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202401-30\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240307-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:0320\", \"name\": \"RHSA-2024:0320\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2169\", \"name\": \"RHSA-2024:2169\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2170\", \"name\": \"RHSA-2024:2170\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2995\", \"name\": \"RHSA-2024:2995\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2996\", \"name\": \"RHSA-2024:2996\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0409\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\", \"name\": \"RHBZ#2257690\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-30\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240307-0006/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:04:49.708Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0409\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-18T16:47:29.032982Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-17T21:15:15.754Z\"}}], \"cna\": {\"title\": \"Xorg-x11-server: selinux context corruption\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Olivier Fourdan for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"21.1.0\", \"lessThan\": \"21.1.11\", \"versionType\": \"semver\"}], \"packageName\": \"xorg-server\", \"collectionURL\": \"https://gitlab.freedesktop.org/xorg/xserver\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7::workstation\", \"cpe:/o:redhat:enterprise_linux:7::client\", \"cpe:/o:redhat:enterprise_linux:7::server\", \"cpe:/o:redhat:enterprise_linux:7::computenode\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.20.4-27.el7_9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\", \"cpe:/a:redhat:enterprise_linux:8::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.20.11-22.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:21.1.3-15.el8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"xorg-x11-server-Xwayland\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.20.11-24.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:22.1.9-5.el9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"xorg-x11-server-Xwayland\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"xorg-x11-server\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"tigervnc\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-01-10T00:00:00.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-01-16T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-01-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:0320\", \"name\": \"RHSA-2024:0320\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2169\", \"name\": \"RHSA-2024:2169\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2170\", \"name\": \"RHSA-2024:2170\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2995\", \"name\": \"RHSA-2024:2995\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:2996\", \"name\": \"RHSA-2024:2996\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-0409\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2257690\", \"name\": \"RHBZ#2257690\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T07:09:01.279Z\"}, \"x_redhatCweChain\": \"CWE-787: Out-of-bounds Write\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-0409\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T07:09:01.279Z\", \"dateReserved\": \"2024-01-10T21:15:38.712Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-01-18T15:40:22.071Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2024:2169
Vulnerability from osv_almalinux
Published
2024-04-30 00:00
Modified
2024-05-07 15:05
Summary
Moderate: xorg-x11-server security update
Details
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Security Fix(es):
- xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
- xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
- xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
- xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
- xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
- xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
- xorg-x11-server: SELinux context corruption (CVE-2024-0409)
- xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
- xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
- xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xdmx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xephyr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xnest"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xorg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xvfb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-source"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-24.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nSecurity Fix(es):\n\n* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)\n* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)\n* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)\n* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)\n* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)\n* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)\n* xorg-x11-server: SELinux context corruption (CVE-2024-0409)\n* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)\n* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)\n* xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2024:2169",
"modified": "2024-05-07T15:05:08Z",
"published": "2024-04-30T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5367"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5380"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6377"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6478"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6816"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0229"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0408"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21885"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21886"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2243091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2244736"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253298"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256540"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256542"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257689"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257691"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-2169.html"
}
],
"related": [
"CVE-2023-5367",
"CVE-2023-6377",
"CVE-2023-6478",
"CVE-2023-6816",
"CVE-2024-0229",
"CVE-2024-0408",
"CVE-2024-0409",
"CVE-2024-21885",
"CVE-2024-21886",
"CVE-2023-5380"
],
"summary": "Moderate: xorg-x11-server security update"
}
alsa-2024:2170
Vulnerability from osv_almalinux
Published
2024-04-30 00:00
Modified
2024-05-07 14:54
Summary
Moderate: xorg-x11-server-Xwayland security update
Details
Xwayland is an X server for running X clients under Wayland.
Security Fix(es):
- xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
- xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
- xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
- xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
- xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
- xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
- xorg-x11-server: SELinux context corruption (CVE-2024-0409)
- xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
- xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "xorg-x11-server-Xwayland"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "22.1.9-5.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Xwayland is an X server for running X clients under Wayland.\n\nSecurity Fix(es):\n\n* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)\n* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)\n* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)\n* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)\n* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)\n* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)\n* xorg-x11-server: SELinux context corruption (CVE-2024-0409)\n* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)\n* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2024:2170",
"modified": "2024-05-07T14:54:04Z",
"published": "2024-04-30T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5367"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6377"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6478"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6816"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0229"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0408"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21885"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21886"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2243091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253298"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256540"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256542"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257689"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257691"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-2170.html"
}
],
"related": [
"CVE-2023-5367",
"CVE-2023-6377",
"CVE-2023-6478",
"CVE-2023-6816",
"CVE-2024-0229",
"CVE-2024-0408",
"CVE-2024-0409",
"CVE-2024-21885",
"CVE-2024-21886"
],
"summary": "Moderate: xorg-x11-server-Xwayland security update"
}
alsa-2024:2995
Vulnerability from osv_almalinux
Published
2024-05-22 00:00
Modified
2024-05-29 16:20
Summary
Moderate: xorg-x11-server security update
Details
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Security Fix(es):
- xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
- xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
- xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
- xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
- xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
- xorg-x11-server: SELinux context corruption (CVE-2024-0409)
- xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
- xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
- xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xdmx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xephyr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xnest"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xorg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xvfb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-source"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.11-22.el8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nSecurity Fix(es):\n\n* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)\n* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)\n* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)\n* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)\n* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)\n* xorg-x11-server: SELinux context corruption (CVE-2024-0409)\n* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)\n* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)\n* xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2024:2995",
"modified": "2024-05-29T16:20:19Z",
"published": "2024-05-22T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5367"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5380"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6377"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6478"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0229"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0408"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21885"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21886"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2243091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2244736"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253298"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256540"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256542"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257689"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257690"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-2995.html"
}
],
"related": [
"CVE-2023-5367",
"CVE-2023-6377",
"CVE-2023-6478",
"CVE-2024-0229",
"CVE-2024-0408",
"CVE-2024-0409",
"CVE-2024-21885",
"CVE-2024-21886",
"CVE-2023-5380"
],
"summary": "Moderate: xorg-x11-server security update"
}
alsa-2024:2996
Vulnerability from osv_almalinux
Published
2024-05-22 00:00
Modified
2024-05-29 16:19
Summary
Moderate: xorg-x11-server-Xwayland security update
Details
Xwayland is an X server for running X clients under Wayland.
Security Fix(es):
- xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
- xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
- xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
- xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
- xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
- xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
- xorg-x11-server: SELinux context corruption (CVE-2024-0409)
- xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
- xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "xorg-x11-server-Xwayland"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.1.3-15.el8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Xwayland is an X server for running X clients under Wayland.\n\nSecurity Fix(es):\n\n* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)\n* xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)\n* xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)\n* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)\n* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)\n* xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)\n* xorg-x11-server: SELinux context corruption (CVE-2024-0409)\n* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)\n* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2024:2996",
"modified": "2024-05-29T16:19:03Z",
"published": "2024-05-22T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5367"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6377"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6478"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6816"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0229"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0408"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21885"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-21886"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2243091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253291"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2253298"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256540"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256542"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2256690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257689"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257690"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2257691"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-2996.html"
}
],
"related": [
"CVE-2023-5367",
"CVE-2023-6377",
"CVE-2023-6478",
"CVE-2023-6816",
"CVE-2024-0229",
"CVE-2024-0408",
"CVE-2024-0409",
"CVE-2024-21885",
"CVE-2024-21886"
],
"summary": "Moderate: xorg-x11-server-Xwayland security update"
}
BDU:2024-00639
Vulnerability from fstec - Published: 16.01.2024
VLAI Severity ?
Title
Уязвимость компонента Privates Handler реализации сервера X Window System X.Org Server, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость компонента Privates Handler реализации сервера X Window System X.Org Server связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код
Severity ?
Vendor
Red Hat Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», АО «ИВК», АО «НТЦ ИТ РОСА», Fedora Project, X.Org Foundation
Software Name
Red Hat Enterprise Linux, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Альт 8 СП (запись в едином реестре российских программ №4305), РОСА Кобальт (запись в едином реестре российских программ №1999), Fedora, РОСА ХРОМ (запись в едином реестре российских программ №1607), АЛЬТ СП 10, X.Org Server, XWayland
Software Version
7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), - (Альт 8 СП), 9 (Red Hat Enterprise Linux), 7.9 (РОСА Кобальт), 39 (Fedora), 12.4 (РОСА ХРОМ), - (АЛЬТ СП 10), до 21.1.11 (X.Org Server), до 23.2.4 (XWayland)
Possible Mitigations
Использование рекомендаций:
Для X.Org Server и XWayland:
https://lists.x.org/archives/xorg/2024-January/061525.html
https://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2024-0409
https://bugzilla.redhat.com/show_bug.cgi?id=2257690
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОС Альт 8 СП (релиз 10): установка обновления из публичного репозитория программного средства
Для ОС РОСА "КОБАЛЬТ": https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2351
Для операционной системы РОСА ХРОМ: https://abf.rosa.ru/advisories/ROSA-SA-2025-2576
Для операционной системы РОСА ХРОМ: https://abf.rosa.ru/advisories/ROSA-SA-2025-2575
Reference
https://access.redhat.com/security/cve/CVE-2024-0409
https://bugzilla.redhat.com/show_bug.cgi?id=2257690
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
https://lists.x.org/archives/xorg/2024-January/061525.html
https://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3
https://altsp.su/obnovleniya-bezopasnosti/
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2351
https://abf.rosa.ru/advisories/ROSA-SA-2025-2576
https://abf.rosa.ru/advisories/ROSA-SA-2025-2575
CWE
CWE-787
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, Fedora Project, X.Org Foundation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 9 (Red Hat Enterprise Linux), 7.9 (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), 39 (Fedora), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), \u0434\u043e 21.1.11 (X.Org Server), \u0434\u043e 23.2.4 (XWayland)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f X.Org Server \u0438 XWayland:\nhttps://lists.x.org/archives/xorg/2024-January/061525.html\nhttps://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\t\nhttps://access.redhat.com/security/cve/CVE-2024-0409\t\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2257690\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/\t\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0440\u0435\u043b\u0438\u0437 10): \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \"\u041a\u041e\u0411\u0410\u041b\u042c\u0422\": https://abf.rosalinux.ru/advisories/ROSA-SA-2024-2351\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c: https://abf.rosa.ru/advisories/ROSA-SA-2025-2576\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c: https://abf.rosa.ru/advisories/ROSA-SA-2025-2575",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.01.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.01.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00639",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-0409",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Fedora, \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), \u0410\u041b\u042c\u0422 \u0421\u041f 10, X.Org Server, XWayland",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 7 , Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Red Hat Inc. Red Hat Enterprise Linux 9 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 7.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), Fedora Project Fedora 39 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Privates Handler \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 X Window System X.Org Server, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Privates Handler \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 X Window System X.Org Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/CVE-2024-0409\t\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2257690\t\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/\t\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/\nhttps://lists.x.org/archives/xorg/2024-January/061525.html\nhttps://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2024-2351\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2576\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2575",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
FKIE_CVE-2024-0409
Vulnerability from fkie_nvd - Published: 2024-01-18 16:15 - Updated: 2025-08-29 13:42
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:0320 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:2169 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:2170 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:2995 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:2996 | ||
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2024-0409 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2257690 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:0320 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:2169 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:2170 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:2995 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:2996 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2024-0409 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2257690 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202401-30 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240307-0006/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tigervnc | tigervnc | * | |
| x.org | x_server | * | |
| x.org | xwayland | * | |
| fedoraproject | fedora | 39 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_for_ibm_z_systems | 7.0 | |
| redhat | enterprise_linux_for_power_big_endian | 7.0 | |
| redhat | enterprise_linux_for_power_little_endian | 7.0 | |
| redhat | enterprise_linux_for_scientific_computing | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C935C5C-1450-47E2-8736-EDED8D49475D",
"versionEndExcluding": "1.13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049C23AF-DFA5-4F08-A3E6-BBBF75581F05",
"versionEndExcluding": "21.1.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE48099-1D7F-444E-8F0C-FAB71F25AD71",
"versionEndExcluding": "23.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el servidor X.Org. El c\u00f3digo del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creaci\u00f3n. Utiliza el tipo de bits del cursor con el cursor como privado y, al iniciar el cursor, sobrescribe el contexto XSELINUX."
}
],
"id": "CVE-2024-0409",
"lastModified": "2025-08-29T13:42:30.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-18T16:15:08.593",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202401-30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-W668-XCXF-V3GG
Vulnerability from github – Published: 2024-01-18 18:30 – Updated: 2024-05-22 18:30
VLAI?
Details
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2024-0409"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-18T16:15:08Z",
"severity": "HIGH"
},
"details": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.",
"id": "GHSA-w668-xcxf-v3gg",
"modified": "2024-05-22T18:30:39Z",
"published": "2024-01-18T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0409"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2169"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2170"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2995"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2996"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-30"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240307-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-0409
Vulnerability from gsd - Updated: 2024-01-11 06:02Details
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-0409"
],
"details": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.",
"id": "GSD-2024-0409",
"modified": "2024-01-11T06:02:11.005359Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2024-0409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.20.4-27.el7_9",
"versionType": "rpm"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Olivier Fourdan for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-787",
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2024:0320",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2024-0409",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
},
{
"name": "https://security.gentoo.org/glsa/202401-30",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202401-30"
},
{
"name": "https://security.netapp.com/advisory/ntap-20240307-0006/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C935C5C-1450-47E2-8736-EDED8D49475D",
"versionEndExcluding": "1.13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "565381E7-E0BD-408F-B970-34E9724B1B08",
"versionEndExcluding": "21.1.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE48099-1D7F-444E-8F0C-FAB71F25AD71",
"versionEndExcluding": "23.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el servidor X.Org. El c\u00f3digo del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creaci\u00f3n. Utiliza el tipo de bits del cursor con el cursor como privado y, al iniciar el cursor, sobrescribe el contexto XSELINUX."
}
],
"id": "CVE-2024-0409",
"lastModified": "2024-03-07T17:15:12.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-01-18T16:15:08.593",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0320"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0409"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/202401-30"
},
{
"source": "secalert@redhat.com",
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
}
}
}
MSRC_CVE-2024-0409
Vulnerability from csaf_microsoft - Published: 2024-01-01 08:00 - Updated: 2026-02-18 03:03Summary
Xorg-x11-server: selinux context corruption
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.8 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17431-17086 | — | ||
| Unresolved product id: 19982-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0409 Xorg-x11-server: selinux context corruption - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0409.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Xorg-x11-server: selinux context corruption",
"tracking": {
"current_release_date": "2026-02-18T03:03:14.000Z",
"generator": {
"date": "2026-02-18T10:32:28.512Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-0409",
"initial_release_date": "2024-01-01T08:00:00.000Z",
"revision_history": [
{
"date": "2024-09-20T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T03:03:14.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 xorg-x11-server 1.20.10-12",
"product": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-12",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 xorg-x11-server 1.20.10-12",
"product": {
"name": "cbl2 xorg-x11-server 1.20.10-12",
"product_id": "17431"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15",
"product": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 xorg-x11-server 1.20.10-15",
"product": {
"name": "cbl2 xorg-x11-server 1.20.10-15",
"product_id": "19982"
}
}
],
"category": "product_name",
"name": "xorg-x11-server"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-12 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 xorg-x11-server 1.20.10-12 as a component of CBL Mariner 2.0",
"product_id": "17431-17086"
},
"product_reference": "17431",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 xorg-x11-server 1.20.10-15 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 xorg-x11-server 1.20.10-15 as a component of CBL Mariner 2.0",
"product_id": "19982-17086"
},
"product_reference": "19982",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0409",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17431-17086",
"19982-17086"
],
"known_affected": [
"17086-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0409 Xorg-x11-server: selinux context corruption - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0409.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-20T00:00:00.000Z",
"details": "1.20.10-12:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-2",
"17086-1"
]
}
],
"title": "Xorg-x11-server: selinux context corruption"
}
]
}
OPENSUSE-SU-2024:13597-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
xorg-x11-server-21.1.11-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: xorg-x11-server-21.1.11-1.1 on GA media
Description of the patch: These are all security issues fixed in the xorg-x11-server-21.1.11-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13597
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-6816/ | self |
| https://www.suse.com/security/cve/CVE-2024-0229/ | self |
| https://www.suse.com/security/cve/CVE-2024-0408/ | self |
| https://www.suse.com/security/cve/CVE-2024-0409/ | self |
| https://www.suse.com/security/cve/CVE-2024-21885/ | self |
| https://www.suse.com/security/cve/CVE-2024-21886/ | self |
| https://www.suse.com/security/cve/CVE-2023-6816 | external |
| https://bugzilla.suse.com/1218582 | external |
| https://bugzilla.suse.com/1221590 | external |
| https://www.suse.com/security/cve/CVE-2024-0229 | external |
| https://bugzilla.suse.com/1218583 | external |
| https://bugzilla.suse.com/1221590 | external |
| https://www.suse.com/security/cve/CVE-2024-0408 | external |
| https://bugzilla.suse.com/1218845 | external |
| https://www.suse.com/security/cve/CVE-2024-0409 | external |
| https://bugzilla.suse.com/1218846 | external |
| https://www.suse.com/security/cve/CVE-2024-21885 | external |
| https://bugzilla.suse.com/1218584 | external |
| https://bugzilla.suse.com/1221590 | external |
| https://www.suse.com/security/cve/CVE-2024-21886 | external |
| https://bugzilla.suse.com/1218585 | external |
| https://bugzilla.suse.com/1221590 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "xorg-x11-server-21.1.11-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the xorg-x11-server-21.1.11-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13597",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13597-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6816 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0409 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21886/"
}
],
"title": "xorg-x11-server-21.1.11-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13597-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-21.1.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-Xvfb-21.1.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-extra-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-extra-21.1.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-sdk-21.1.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-source-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-source-21.1.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"product": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"product_id": "xorg-x11-server-wrapper-21.1.11-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-21.1.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-extra-21.1.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-sdk-21.1.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-source-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-source-21.1.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"product": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"product_id": "xorg-x11-server-wrapper-21.1.11-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-21.1.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-Xvfb-21.1.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-extra-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-extra-21.1.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-sdk-21.1.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-source-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-source-21.1.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"product": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"product_id": "xorg-x11-server-wrapper-21.1.11-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xorg-x11-server-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-21.1.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-Xvfb-21.1.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-extra-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-extra-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-extra-21.1.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-sdk-21.1.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-source-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-source-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-source-21.1.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "xorg-x11-server-wrapper-21.1.11-1.1.x86_64",
"product": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.x86_64",
"product_id": "xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-Xvfb-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-extra-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-extra-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-extra-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-extra-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-sdk-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-sdk-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-source-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-source-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-source-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-source-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-source-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64"
},
"product_reference": "xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le"
},
"product_reference": "xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x"
},
"product_reference": "xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xorg-x11-server-wrapper-21.1.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
},
"product_reference": "xorg-x11-server-wrapper-21.1.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6816"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\u0027s particular number of buttons, leading to a heap overflow if a bigger value was used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6816",
"url": "https://www.suse.com/security/cve/CVE-2023-6816"
},
{
"category": "external",
"summary": "SUSE Bug 1218582 for CVE-2023-6816",
"url": "https://bugzilla.suse.com/1218582"
},
{
"category": "external",
"summary": "SUSE Bug 1221590 for CVE-2023-6816",
"url": "https://bugzilla.suse.com/1221590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6816"
},
{
"cve": "CVE-2024-0229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0229"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0229",
"url": "https://www.suse.com/security/cve/CVE-2024-0229"
},
{
"category": "external",
"summary": "SUSE Bug 1218583 for CVE-2024-0229",
"url": "https://bugzilla.suse.com/1218583"
},
{
"category": "external",
"summary": "SUSE Bug 1221590 for CVE-2024-0229",
"url": "https://bugzilla.suse.com/1221590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-0229"
},
{
"cve": "CVE-2024-0408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0408"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0408",
"url": "https://www.suse.com/security/cve/CVE-2024-0408"
},
{
"category": "external",
"summary": "SUSE Bug 1218845 for CVE-2024-0408",
"url": "https://bugzilla.suse.com/1218845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-0408"
},
{
"cve": "CVE-2024-0409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0409"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0409",
"url": "https://www.suse.com/security/cve/CVE-2024-0409"
},
{
"category": "external",
"summary": "SUSE Bug 1218846 for CVE-2024-0409",
"url": "https://bugzilla.suse.com/1218846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-0409"
},
{
"cve": "CVE-2024-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21885"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21885",
"url": "https://www.suse.com/security/cve/CVE-2024-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1218584 for CVE-2024-21885",
"url": "https://bugzilla.suse.com/1218584"
},
{
"category": "external",
"summary": "SUSE Bug 1221590 for CVE-2024-21885",
"url": "https://bugzilla.suse.com/1221590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-21885"
},
{
"cve": "CVE-2024-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21886"
}
],
"notes": [
{
"category": "general",
"text": "A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21886",
"url": "https://www.suse.com/security/cve/CVE-2024-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1218585 for CVE-2024-21886",
"url": "https://bugzilla.suse.com/1218585"
},
{
"category": "external",
"summary": "SUSE Bug 1221590 for CVE-2024-21886",
"url": "https://bugzilla.suse.com/1221590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-Xvfb-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-extra-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-sdk-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-source-21.1.11-1.1.x86_64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.aarch64",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.ppc64le",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.s390x",
"openSUSE Tumbleweed:xorg-x11-server-wrapper-21.1.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-21886"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…