CVE-2024-0409: Xorg-x11-server: selinux context corruption
First published: Wed Jan 10 2024(Updated: )
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/xorg-server | <21.1.11 | 21.1.11 |
| redhat/xwayland | <23.2.4 | 23.2.4 |
| debian/xorg-server | 2:1.20.11-1+deb11u13 2:1.20.11-1+deb11u15 2:21.1.7-3+deb12u9 2:21.1.16-1 | |
| debian/xwayland | <=2:22.1.9-1 | 2:24.1.6-1 |
| Tigervnc | <1.13.1 | |
| X.Org Xserver | <21.1.11 | |
| Red Hat Xorg-x11-server-xwayland | <23.2.4 | |
| Red Hat Fedora | =39 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux for IBM Z Systems | =7.0 | |
| Red Hat Enterprise Linux for Power, big endian | =7.0 | |
| Red Hat Enterprise Linux for Power, little endian | =7.0 | |
| Red Hat Enterprise Linux for Scientific Computing | =7.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:0320
- https://access.redhat.com/errata/RHSA-2024:2169
- https://access.redhat.com/errata/RHSA-2024:2170
- https://access.redhat.com/errata/RHSA-2024:2995
- https://access.redhat.com/errata/RHSA-2024:2996
- https://access.redhat.com/security/cve/CVE-2024-0409
- https://bugzilla.redhat.com/show_bug.cgi?id=2257690
- https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/
- https://security.gentoo.org/glsa/202401-30
- https://security.netapp.com/advisory/ntap-20240307-0006/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2258978
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2258977
- https://launchpad.net/bugs/cve/CVE-2024-0409
- https://lists.x.org/archives/xorg/2024-January/061525.html
- https://gitlab.freedesktop.org/xorg/xserver/-/commit/2ef0f1116c65d5cb06d7b6d83f8a1aea702c94f7
- https://security-tracker.debian.org/tracker/CVE-2024-0409
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409
- https://nvd.nist.gov/vuln/detail/CVE-2024-0409
- https://ubuntu.com/security/CVE-2024-0409
Frequently Asked Questions
What is the severity of CVE-2024-0409?
CVE-2024-0409 has been classified with a moderate severity level due to the potential impact on system security.
How do I fix CVE-2024-0409?
To remediate CVE-2024-0409, update the xorg-server to version 21.1.11 or later and xwayland to version 23.2.4 or later.
Which systems are affected by CVE-2024-0409?
CVE-2024-0409 affects versions of xorg-server prior to 21.1.11 and xwayland prior to 23.2.4, as well as specific versions of Red Hat and Debian systems.
What is the nature of the vulnerability in CVE-2024-0409?
CVE-2024-0409 involves a flaw in the cursor code of the X.Org server, which can overwrite the XSELINUX context.
Is CVE-2024-0409 related to other vulnerabilities?
CVE-2024-0409 may have implications for system integrity, particularly in environments utilizing SELinux configurations.
- agent/type
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/severity
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-0409
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- collector/security-tracker-debian
- source/Debian
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- agent/softwarecombine
- agent/tags
- package-manager/redhat
- package-manager/debian
- vendor/tigervnc
- canonical/tigervnc
- vendor/x.org
- canonical/x.org xserver
- canonical/red hat xorg-x11-server-xwayland
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/39
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/7.0
- canonical/red hat enterprise linux for power, big endian
- version/red hat enterprise linux for power, big endian/7.0
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/7.0
- canonical/red hat enterprise linux for scientific computing
- version/red hat enterprise linux for scientific computing/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0