A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus

No data.

Package CPE Advisory Released Date
Red Hat Enterprise Linux 7
xorg-x11-server-0:1.20.4-27.el7_9 cpe:/o:redhat:enterprise_linux:7 RHSA-2024:0320 2024-01-22T00:00:00Z
tigervnc-0:1.8.0-31.el7_9 cpe:/o:redhat:enterprise_linux:7 RHSA-2024:0629 2024-01-31T00:00:00Z
Red Hat Enterprise Linux 8
tigervnc-0:1.13.1-2.el8_9.7 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:0607 2024-01-30T00:00:00Z
xorg-x11-server-0:1.20.11-22.el8 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:2995 2024-05-22T00:00:00Z
xorg-x11-server-Xwayland-0:21.1.3-15.el8 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:2996 2024-05-22T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
tigervnc-0:1.9.0-15.el8_2.9 cpe:/a:redhat:rhel_aus:8.2 RHSA-2024:0617 2024-01-31T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
tigervnc-0:1.9.0-15.el8_2.9 cpe:/a:redhat:rhel_tus:8.2 RHSA-2024:0617 2024-01-31T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
tigervnc-0:1.9.0-15.el8_2.9 cpe:/a:redhat:rhel_e4s:8.2 RHSA-2024:0617 2024-01-31T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
tigervnc-0:1.11.0-8.el8_4.8 cpe:/a:redhat:rhel_aus:8.4 RHSA-2024:0558 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
tigervnc-0:1.11.0-8.el8_4.8 cpe:/a:redhat:rhel_tus:8.4 RHSA-2024:0558 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
tigervnc-0:1.11.0-8.el8_4.8 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2024:0558 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
tigervnc-0:1.12.0-6.el8_6.9 cpe:/a:redhat:rhel_eus:8.6 RHSA-2024:0621 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
tigervnc-0:1.12.0-15.el8_8.7 cpe:/a:redhat:rhel_eus:8.8 RHSA-2024:0597 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 9
tigervnc-0:1.13.1-3.el9_3.6 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:0557 2024-01-30T00:00:00Z
xorg-x11-server-0:1.20.11-24.el9 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:2169 2024-04-30T00:00:00Z
xorg-x11-server-Xwayland-0:22.1.9-5.el9 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:2170 2024-04-30T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
tigervnc-0:1.11.0-22.el9_0.8 cpe:/a:redhat:rhel_eus:9.0 RHSA-2024:0614 2024-01-30T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
tigervnc-0:1.12.0-14.el9_2.5 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:0626 2024-01-31T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2024:0320 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0557 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0558 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0597 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0607 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0614 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0617 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0621 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0626 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0629 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2169 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2170 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2995 cve-icon cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2996 cve-icon cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-21885 cve-icon cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2256540 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-21885 cve-icon
https://security.netapp.com/advisory/ntap-20240503-0004/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-21885 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-02-28T12:11:59.650Z

Updated: 2024-09-16T15:31:08.905Z

Reserved: 2024-01-02T21:57:08.796Z

Link: CVE-2024-21885

cve-icon Vulnrichment

Updated: 2024-08-01T22:35:33.394Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-28T13:15:08.197

Modified: 2024-09-16T16:15:13.080

Link: CVE-2024-21885

cve-icon Redhat

Severity : Important

Publid Date: 2024-01-16T00:00:00Z

Links: CVE-2024-21885 - Bugzilla