Lucene search
RedhatCVELIST:CVE-2024-31080HistoryApr 04, 2024 - 1:47 p.m.
CVE-2024-31080 Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
2024-04-0413:47:33
CWE-126
redhat
raw.githubusercontent.com
4
x.org
server
buffer
over-read
vulnerability
byte-swapped
memory leakage
segmentation faults
endianness
exploitation
A heap-based buffer over-read vulnerability was found in the X.org server’s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker’s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
Related
cve
cve
CVE-2024-31080
2024-04-04 14:15:10
debiancve
debiancve
CVE-2024-31080
2024-04-04 14:15:10
wolfi
wolfi
CVE-2024-31080 vulnerabilities
2024-06-02 09:07:39
redhatcve
redhatcve
CVE-2024-31080
2024-04-04 08:37:31
veracode
veracode
Buffer Over-read
2024-04-11 02:44:05
cgr
cgr
CVE-2024-31080 vulnerabilities
2024-05-19 03:07:16
alpinelinux
alpinelinux
CVE-2024-31080
2024-04-04 14:15:10
ubuntucve
ubuntucve
CVE-2024-31080
2024-03-04 00:00:00
nessus
nessus
Oracle Linux 7 : tigervnc (ELSA-2024-2080)
2024-04-29 00:00:00
Fedora 38 : xorg-x11-server-Xwayland (2024-1706127797)
2024-04-24 00:00:00
RHEL 9 : tigervnc (RHSA-2024:2616)
2024-04-30 00:00:00
osv
osv
xorg-server - security update
2024-04-12 00:00:00
Important: tigervnc security update
2024-05-10 14:32:42
Important: xorg-x11-server-Xwayland security update
2024-05-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3787-1)
2024-04-15 00:00:00
Debian: Security Advisory (DSA-5657-1)
2024-04-15 00:00:00
Mageia: Security Advisory (MGASA-2024-0121)
2024-04-12 00:00:00
redhat
redhat
(RHSA-2024:3261) Important: tigervnc security update
2024-05-22 10:41:22
(RHSA-2024:3258) Moderate: xorg-x11-server security update
2024-05-22 10:41:21
(RHSA-2024:2080) Important: tigervnc security update
2024-04-29 01:07:43
amazon
amazon
Important: xorg-x11-server
2024-04-11 01:07:00
Important: tigervnc
2024-04-11 01:07:00
freebsd
freebsd
xorg server -- Multiple vulnerabilities
2024-04-03 00:00:00
oraclelinux
oraclelinux
X.Org server security update
2024-04-11 00:00:00
tigervnc security update
2024-04-24 00:00:00
tigervnc security update
2024-04-29 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: xorg-x11-server-Xwayland-22.1.9-7.fc38
2024-04-24 01:36:56
[SECURITY] Fedora 40 Update: xorg-x11-server-Xwayland-23.2.6-1.fc40
2024-04-19 21:43:34
[SECURITY] Fedora 39 Update: xorg-x11-server-Xwayland-23.2.6-1.fc39
2024-04-24 01:18:17
almalinux
almalinux
Important: tigervnc security update
2024-05-22 00:00:00
Important: tigervnc security update
2024-04-30 00:00:00
Important: xorg-x11-server-Xwayland security update
2024-05-23 00:00:00
rocky
rocky
tigervnc security update
2024-05-10 14:32:42
tigervnc security update
2024-05-06 13:04:21
debian
debian
[SECURITY] [DLA 3787-1] xorg-server security update
2024-04-15 13:23:10
[SECURITY] [DSA 5657-1] xorg-server security update
2024-04-12 20:32:08
mageia
mageia
ubuntu
ubuntu
X.Org X Server regression
2024-04-09 00:00:00
X.Org X Server vulnerabilities
2024-04-04 00:00:00
redos
redos
ROS-20240507-07
2024-05-07 00:00:00
slackware
slackware
[slackware-security] xorg-server
2024-04-03 22:25:44
[slackware-security] tigervnc
2024-04-05 20:14:40