CVE-2024-21886

CVSS V2 None CVSS V3 None

Description

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.

Overview

CVE ID
CVE-2024-21886

Assigner
redhat

Vulnerability Status
PUBLISHED

Published Version
2024-02-28T12:13:12.555Z

Last Modified Date
2024-06-04T17:37:54.900Z

Weakness Enumerations

CWE	URL
CWE-122	http://cwe.mitre.org/data/definitions/122.html

References

Reference URL	Reference Tags
https://access.redhat.com/errata/RHSA-2024:0320	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0557	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0558	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0597	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0607	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0614	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0617	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0621	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0626	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0629	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2169	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2170	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2995	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2996	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-21886	vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2256542	issue-tracking x_refsource_REDHAT

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-21886
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 15:19:07				Added to TrackCVE