CVE-2024-9632 - Vulnerability Details

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00056.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 10
xorg-x11-server-Xwayland-0:24.1.5-3.el10_0	cpe:/o:redhat:enterprise_linux:10.0	RHSA-2025:7458	2025-05-13T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support
tigervnc-0:1.8.0-34.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2024:9901	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8
xorg-x11-server-0:1.20.11-25.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:8798	2024-11-04T00:00:00Z
xorg-x11-server-Xwayland-0:21.1.3-17.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:8798	2024-11-04T00:00:00Z
tigervnc-0:1.13.1-14.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:9540	2024-11-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
tigervnc-0:1.9.0-15.el8_2.12	cpe:/a:redhat:rhel_aus:8.2	RHSA-2024:9818	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
tigervnc-0:1.11.0-8.el8_4.11	cpe:/a:redhat:rhel_aus:8.4	RHSA-2024:9819	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
tigervnc-0:1.11.0-8.el8_4.11	cpe:/a:redhat:rhel_tus:8.4	RHSA-2024:9819	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
tigervnc-0:1.11.0-8.el8_4.11	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2024:9819	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
tigervnc-0:1.12.0-6.el8_6.12	cpe:/a:redhat:rhel_aus:8.6	RHSA-2024:9820	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
tigervnc-0:1.12.0-6.el8_6.12	cpe:/a:redhat:rhel_tus:8.6	RHSA-2024:9820	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
tigervnc-0:1.12.0-6.el8_6.12	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2024:9820	2024-11-18T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
tigervnc-0:1.12.0-15.el8_8.11	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:9690	2024-11-14T00:00:00Z
Red Hat Enterprise Linux 9
tigervnc-0:1.14.1-1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:10090	2024-11-20T00:00:00Z
xorg-x11-server-0:1.20.11-28.el9_6	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:7163	2025-05-13T00:00:00Z
xorg-x11-server-Xwayland-0:23.2.7-3.el9_6	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:7165	2025-05-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
tigervnc-0:1.11.0-22.el9_0.12	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:9601	2024-11-13T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
tigervnc-0:1.12.0-14.el9_2.9	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:9579	2024-11-13T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
tigervnc-0:1.13.1-8.el9_4.4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2024:9816	2024-11-18T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-3940-1	xorg-server security update
Debian DSA	DSA-5800-1	xorg-server security update
EUVD	EUVD-2024-50449	A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
Ubuntu USN	USN-7085-1	X.Org X Server vulnerability
Ubuntu USN	USN-7085-2	X.Org X Server vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Oct/20
http://www.openwall.com/lists/oss-security/2024/10/29/2
https://access.redhat.com/errata/RHSA-2024:10090
https://access.redhat.com/errata/RHSA-2024:8798
https://access.redhat.com/errata/RHSA-2024:9540
https://access.redhat.com/errata/RHSA-2024:9579
https://access.redhat.com/errata/RHSA-2024:9601
https://access.redhat.com/errata/RHSA-2024:9690
https://access.redhat.com/errata/RHSA-2024:9816
https://access.redhat.com/errata/RHSA-2024:9818
https://access.redhat.com/errata/RHSA-2024:9819
https://access.redhat.com/errata/RHSA-2024:9820
https://access.redhat.com/errata/RHSA-2024:9901
https://access.redhat.com/errata/RHSA-2025:12751
https://access.redhat.com/errata/RHSA-2025:7163
https://access.redhat.com/errata/RHSA-2025:7165
https://access.redhat.com/errata/RHSA-2025:7458
https://access.redhat.com/security/cve/CVE-2024-9632
https://bugzilla.redhat.com/show_bug.cgi?id=2317233
https://lists.debian.org/debian-lts-announce/2024/10/msg00031.html
https://nvd.nist.gov/vuln/detail/CVE-2024-9632
https://www.cve.org/CVERecord?id=CVE-2024-9632

History

Mon, 04 Aug 2025 21:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:rhel_els:6
References		https://access.redhat.com/errata/RHSA-2025:12751

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0008}`	epss `{'score': 0.0005}`

Tue, 13 May 2025 20:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:10.0
References		https://access.redhat.com/errata/RHSA-2025:7458

Tue, 13 May 2025 14:30:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::crb
References		https://access.redhat.com/errata/RHSA-2025:7163 https://access.redhat.com/errata/RHSA-2025:7165

Tue, 26 Nov 2024 17:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:6

Fri, 22 Nov 2024 15:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		http://seclists.org/fulldisclosure/2024/Oct/20 http://www.openwall.com/lists/oss-security/2024/10/29/2 https://lists.debian.org/debian-lts-announce/2024/10/msg00031.html

Thu, 21 Nov 2024 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel Els Redhat rhel Tus
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus:8.8::appstream cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Aus Redhat rhel Els Redhat rhel Tus
References		https://access.redhat.com/errata/RHSA-2024:10090 https://access.redhat.com/errata/RHSA-2024:9540 https://access.redhat.com/errata/RHSA-2024:9690 https://access.redhat.com/errata/RHSA-2024:9816 https://access.redhat.com/errata/RHSA-2024:9818 https://access.redhat.com/errata/RHSA-2024:9819 https://access.redhat.com/errata/RHSA-2024:9820 https://access.redhat.com/errata/RHSA-2024:9901

Sat, 16 Nov 2024 02:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:8.8

Thu, 14 Nov 2024 02:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:9.2

Wed, 13 Nov 2024 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:rhel_e4s:9.0::appstream
Vendors & Products		Redhat rhel E4s
References		https://access.redhat.com/errata/RHSA-2024:9601

Wed, 13 Nov 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.2::appstream
Vendors & Products		Redhat rhel Eus
References		https://access.redhat.com/errata/RHSA-2024:9579

Tue, 05 Nov 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8

Mon, 04 Nov 2024 23:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
References		https://access.redhat.com/errata/RHSA-2024:8798

Wed, 30 Oct 2024 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 30 Oct 2024 07:45:00 +0000

Type	Values Removed	Values Added
Title	xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability	Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux
References		https://access.redhat.com/security/cve/CVE-2024-9632 https://bugzilla.redhat.com/show_bug.cgi?id=2317233

Wed, 30 Oct 2024 01:45:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
Title		xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability
Weaknesses		CWE-122
References		https://nvd.nist.gov/vuln/detail/CVE-2024-9632 https://www.cve.org/CVERecord?id=CVE-2024-9632
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-10-30T07:42:35.320Z

Updated: 2025-08-04T21:04:39.557Z

Reserved: 2024-10-08T13:45:31.259Z

Link: CVE-2024-9632

Vulnrichment

Updated: 2024-10-31T19:02:24.167Z

NVD

Status : Awaiting Analysis

Published: 2024-10-30T08:15:04.830

Modified: 2025-08-04T21:15:29.537

Link: CVE-2024-9632

Redhat

Severity : Important

Publid Date: 2024-10-29T00:00:00Z

Links: CVE-2024-9632 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object