A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Redhat |
|
No data.
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 7 | |||
| xorg-x11-server-0:1.20.4-27.el7_9 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2024:0320 | 2024-01-22T00:00:00Z |
| tigervnc-0:1.8.0-31.el7_9 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2024:0629 | 2024-01-31T00:00:00Z |
| Red Hat Enterprise Linux 8 | |||
| tigervnc-0:1.13.1-2.el8_9.7 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2024:0607 | 2024-01-30T00:00:00Z |
| xorg-x11-server-0:1.20.11-22.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2024:2995 | 2024-05-22T00:00:00Z |
| xorg-x11-server-Xwayland-0:21.1.3-15.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2024:2996 | 2024-05-22T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | |||
| tigervnc-0:1.9.0-15.el8_2.9 | cpe:/a:redhat:rhel_aus:8.2 | RHSA-2024:0617 | 2024-01-31T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | |||
| tigervnc-0:1.9.0-15.el8_2.9 | cpe:/a:redhat:rhel_tus:8.2 | RHSA-2024:0617 | 2024-01-31T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | |||
| tigervnc-0:1.9.0-15.el8_2.9 | cpe:/a:redhat:rhel_e4s:8.2 | RHSA-2024:0617 | 2024-01-31T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | |||
| tigervnc-0:1.11.0-8.el8_4.8 | cpe:/a:redhat:rhel_aus:8.4 | RHSA-2024:0558 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | |||
| tigervnc-0:1.11.0-8.el8_4.8 | cpe:/a:redhat:rhel_tus:8.4 | RHSA-2024:0558 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | |||
| tigervnc-0:1.11.0-8.el8_4.8 | cpe:/a:redhat:rhel_e4s:8.4 | RHSA-2024:0558 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | |||
| tigervnc-0:1.12.0-6.el8_6.9 | cpe:/a:redhat:rhel_eus:8.6 | RHSA-2024:0621 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Extended Update Support | |||
| tigervnc-0:1.12.0-15.el8_8.7 | cpe:/a:redhat:rhel_eus:8.8 | RHSA-2024:0597 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 9 | |||
| tigervnc-0:1.13.1-3.el9_3.6 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2024:0557 | 2024-01-30T00:00:00Z |
| xorg-x11-server-0:1.20.11-24.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2024:2169 | 2024-04-30T00:00:00Z |
| xorg-x11-server-Xwayland-0:22.1.9-5.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2024:2170 | 2024-04-30T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Extended Update Support | |||
| tigervnc-0:1.11.0-22.el9_0.8 | cpe:/a:redhat:rhel_eus:9.0 | RHSA-2024:0614 | 2024-01-30T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Extended Update Support | |||
| tigervnc-0:1.12.0-14.el9_2.5 | cpe:/a:redhat:rhel_eus:9.2 | RHSA-2024:0626 | 2024-01-31T00:00:00Z |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-02-28T12:13:12.555Z
Updated: 2024-09-16T15:31:10.896Z
Reserved: 2024-01-02T21:57:08.796Z
Link: CVE-2024-21886
Vulnrichment
Updated: 2024-08-01T22:35:33.404Z
NVD
Status : Awaiting Analysis
Published: 2024-02-28T13:15:08.440
Modified: 2024-05-22T17:16:14.343
Link: CVE-2024-21886
Redhat