Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
CVE-2024-31080

7.3HIGH

Key Information:

Status
Red Hat Enterprise Linux 6 Extended Lifecycle Support - Extension
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Vendor
CVE Published:
4 April 2024

What is CVE-2024-31080?

A vulnerability exists within the X.org server's ProcXIGetSelectedEvents() function due to a heap-based buffer over-read caused by improper handling of byte-swapped length values in replies. This issue can lead to unintended memory leakage and potential segmentation faults, especially when a malicious client with a different endianness triggers the condition. Although attackers cannot control the exact memory content being read, they can exploit this flaw to initiate out-of-bounds reads, causing the X server to access and potentially transmit sensitive heap memory values back to the client. This scenario may ultimately lead to a crash due to accessing unmapped memory pages.

References

https://access.redhat.com/errata/RHSA-2024:1785
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2036
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2037
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.