CVE-2024-31082

🗓️ 04 Apr 2024 13:48:34Reported by redhatType

A heap-based buffer over-read vulnerability in X.org server's ProcAppleDRICreatePixmap() function could lead to memory leakage and segmentation faults when byte-swapped length values are used in replies

Reporter	Title	Published	Views	Family All 90
AlpineLinux	CVE-2024-31082	4 Apr 202413:48	–	alpinelinux
CBLMariner	CVE-2024-31082 affecting package xorg-x11-server for versions less than 1.20.10-11	18 Aug 202414:44	–	cbl_mariner
Chainguard	CVE-2024-31082 vulnerabilities	4 Apr 202414:15	–	cgr
Circl	CVE-2024-31082	5 Jul 202503:15	–	circl
CNNVD	X.org server 安全漏洞	4 Apr 202400:00	–	cnnvd
Cvelist	CVE-2024-31082 Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap	4 Apr 202413:48	–	cvelist
Debian CVE	CVE-2024-31082	4 Apr 202413:48	–	debiancve
Oracle linux	X.Org server security update	11 Apr 202400:00	–	oraclelinux
Oracle linux	tigervnc security update	29 Apr 202400:00	–	oraclelinux
Oracle linux	xorg-x11-server security update	29 May 202400:00	–	oraclelinux

[
  {
    "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
    "versions": [
      {
        "status": "affected",
        "version": "1.12.0",
        "lessThan": "21.1.12",
        "versionType": "semver"
      }
    ],
    "packageName": "xorg-server",
    "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tigervnc",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server-Xwayland",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tigervnc",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tigervnc",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tigervnc",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server-Xwayland",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "tigervnc",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "xorg-x11-server-Xwayland",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
lists	www.lists.x.org/archives/xorg-announce/2024-April/003497.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2024-31082
openwall	www.openwall.com/lists/oss-security/2024/04/12/10
openwall	www.openwall.com/lists/oss-security/2024/04/03/13

15 Apr 2026 00:35Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.3

EPSS0.00042

SSVC

CWE-126