Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2024:2170
HistoryApr 30, 2024 - 12:00 a.m.

Moderate: xorg-x11-server-Xwayland security update

2024-04-3000:00:00
Google
osv.dev
3
xwayland
security update
out-of-bounds write
memory reads/writes
heap buffer overflow
selinux
context corruption
cve
almalinux

7.4 High

AI Score

Confidence

High

0.266 Low

EPSS

Percentile

96.7%

JSON

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

  • xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)
  • xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377)
  • xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478)
  • xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)
  • xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)
  • xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408)
  • xorg-x11-server: SELinux context corruption (CVE-2024-0409)
  • xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)
  • xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

nessus 74
almalinux 7
redhat 18
openvas 46
oraclelinux 11
osv 13
slackware 2
ubuntu 5
rosalinux 3
gentoo 1
centos 3
fedora 7
redos 2
mageia 1
amazon 3
freebsd 2
rocky 1
nessus
nessus
Oracle Linux 9 : xorg-x11-server-Xwayland (ELSA-2024-2170)
2024-05-06 00:00:00
CentOS 8 : xorg-x11-server-Xwayland (CESA-2024:2996)
2024-05-22 00:00:00
EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1254)
2024-03-12 00:00:00
almalinux
almalinux
Moderate: xorg-x11-server-Xwayland security update
2024-04-30 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2024-05-22 00:00:00
Moderate: xorg-x11-server security update
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:2170) Moderate: xorg-x11-server-Xwayland security update
2024-04-30 06:14:56
(RHSA-2024:2996) Moderate: xorg-x11-server-Xwayland security update
2024-05-22 06:35:18
(RHSA-2024:2995) Moderate: xorg-x11-server security update
2024-05-22 06:35:18
openvas
openvas
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1330)
2024-03-13 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1781)
2024-05-30 00:00:00
Slackware: Security Advisory (SSA:2024-021-01)
2024-01-22 00:00:00
oraclelinux
oraclelinux
xorg-x11-server-Xwayland security update
2024-05-02 00:00:00
xorg-x11-server-Xwayland security update
2024-05-23 00:00:00
xorg-x11-server security update
2024-05-23 00:00:00
osv
osv
Moderate: xorg-x11-server-Xwayland security update
2024-05-22 00:00:00
xorg-server, xwayland regression
2024-02-01 13:22:21
xorg-server vulnerabilities
2024-03-13 20:19:27
slackware
slackware
[slackware-security] tigervnc
2024-01-21 20:53:54
[slackware-security] xorg-server
2024-01-16 20:56:51
ubuntu
ubuntu
X.Org X Server vulnerabilities
2024-01-22 00:00:00
X.Org X Server regression
2024-01-30 00:00:00
X.Org X Server vulnerabilities
2024-03-13 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2351
2024-02-20 09:31:11
Advisory ROSA-SA-2024-2352
2024-02-20 09:34:57
Advisory ROSA-SA-2024-2324
2024-01-23 12:14:57
gentoo
gentoo
X.Org X Server, XWayland: Multiple Vulnerabilities
2024-01-31 00:00:00
centos
centos
xorg security update
2024-01-26 18:10:28
tigervnc security update
2024-02-05 19:31:03
xorg security update
2024-01-12 19:00:25
fedora
fedora
[SECURITY] Fedora 39 Update: tigervnc-1.13.1-11.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-1.20.14-29.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-Xwayland-23.2.4-1.fc39
2024-01-19 02:43:04
redos
redos
ROS-20240329-09
2024-03-29 00:00:00
ROS-20240408-08
2024-04-08 00:00:00
mageia
mageia
Updated x11-server, x11-server-xwayland and tigervnc fix security issues
2024-02-04 05:49:27
amazon
amazon
Important: xorg-x11-server
2024-02-15 03:52:00
Important: xorg-x11-server
2024-04-25 16:04:00
Important: xorg-x11-server
2024-01-03 21:04:00
freebsd
freebsd
xorg server -- Multiple vulnerabilities
2024-01-16 00:00:00
xorg-server -- Multiple vulnerabilities
2023-12-13 00:00:00
rocky
rocky
tigervnc security update
2024-02-12 20:17:26

7.4 High

AI Score

Confidence

High

0.266 Low

EPSS

Percentile

96.7%

JSON
Related for OSV:ALSA-2024:2170
nessus74almalinux7redhat18openvas46oraclelinux11osv13slackware2ubuntu5rosalinux3gentoo1centos3fedora7redos2mageia1amazon3freebsd2rocky1