Xorg-x11-server: selinux context corruption
CVE-2024-0409

7.8HIGH

Key Information:

Vendor: Red Hat
Status: Xorg-server; Xwayland; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 6
Vendor: CVE Published:; 18 January 2024

Summary

A vulnerability exists within the X.Org server that affects the cursor code utilized in both Xephyr and Xwayland. The issue arises from the use of an incorrect type of private at the cursor's creation, specifically using the cursor bits type. This misconfiguration leads to overwriting of the XSELINUX context during the cursor initialization process, potentially compromising system security and functionality. Users of these products should evaluate their configurations and consider applying relevant patches to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Red Hat Enterprise Linux 7 0:1.20.4-27.el7_9

xorg-server 21.1.11

xwayland 23.2.4

References

https://access.redhat.com/errata/RHSA-2024:0320

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/security/cve/CVE-2024-0409

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2257690

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
Jan 10, 2024

Collectors

NVD DatabaseMitre Database

Credit

Red Hat would like to thank Olivier Fourdan for reporting this issue.