Xorg-x11-server: use-after-free in ProcRenderAddGlyphs
CVE-2024-31083
Key Information:
- Vendor: Red Hat
- Status: Vendor
- CVE Published: 5 April 2024
Summary
A vulnerability has been identified in the ProcRenderAddGlyphs() function of Xorg servers, stemming from improper handling of glyphs during message processing. When AllocateGlyph() is invoked to manage new glyphs sent from clients to the X server, multiple pointers end up referring to glyphs that are not reference-counted. As a result, ProcRenderAddGlyphs() can unintentionally free a glyph that is still in use, producing a use-after-free condition. An authenticated user may exploit this flaw with crafted requests to execute arbitrary code on affected systems.
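The bug class described above, as an added example that is not X server code: a simplified model of an object reachable through two pointers, cleaned up once without reference counting and once with it. All names (Glyph, table, handle_request, glyph_unref) are hypothetical, and "freeing" only sets a flag so the dangling reference can be counted without touching released memory.

```c
#include <stddef.h>

/* Simplified model, not X server code. Names are hypothetical. */
typedef struct { int refcnt; int freed; } Glyph;

#define SLOTS 4
static Glyph pool[SLOTS];
static Glyph *table[SLOTS];   /* long-lived owner, e.g. a glyph hash table */

static void reset(void) {
    for (int i = 0; i < SLOTS; i++) {
        pool[i].refcnt = 0;
        pool[i].freed = 0;
        table[i] = NULL;
    }
}

/* Drop one reference; release only when no holder remains. */
static void glyph_unref(Glyph *g) {
    if (--g->refcnt == 0)
        g->freed = 1;
}

/* Count long-lived entries that point at a released glyph. */
static int dangling_entries(void) {
    int n = 0;
    for (int i = 0; i < SLOTS; i++)
        if (table[i] && table[i]->freed)
            n++;
    return n;
}

/* One request: stage a new glyph in a temporary pointer, publish it to the
 * table, then take an error path that cleans up the temporary pointer.
 * use_refcount = 0: pointers hold no reference, cleanup releases directly.
 * use_refcount = 1: each pointer holds a reference, cleanup only unrefs. */
static int handle_request(int use_refcount) {
    reset();
    Glyph *staged = &pool[0];
    if (use_refcount) staged->refcnt++;      /* reference held by staging */
    table[0] = staged;
    if (use_refcount) table[0]->refcnt++;    /* reference held by the table */
    if (use_refcount)
        glyph_unref(staged);                 /* table still holds one ref */
    else
        staged->freed = 1;                   /* released while table uses it */
    return dangling_entries();
}
```
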
Affected Version(s)
Red Hat Enterprise Linux 7 0:1.20.4-29.el7_9
Red Hat Enterprise Linux 7 0:1.8.0-33.el7_9
Red Hat Enterprise Linux 8 0:1.13.1-2.el8_9.10