REDHAT-BUG-2317233
First published: Tue Oct 08 2024(Updated: )
The _XkbSetCompatMap() function attempts to resize the `sym_interpret` buffer. However, it didn't update its size properly. It updated `num_si` only, without `size_si`: <a href="https://gitlab.freedesktop.org/xorg/xserver/-/blob/cdb4d5648a818a8e8ab282341be37109589229ab/xkb/xkb.c#L2998">https://gitlab.freedesktop.org/xorg/xserver/-/blob/cdb4d5648a818a8e8ab282341be37109589229ab/xkb/xkb.c#L2998</a> The exploit uses bitmap to achieve the arbitrary read and write. It leads to LPE for some distributions (xorg in debian xfce is run as root under specific display driver) and RCE for ssh x11 forwarding environment. The exploit doesn't work if the OS installed on vmware and default virtualbox. It works on virtualbox with VBoxVGA graphic controller.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| X.org X.org |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://gitlab.freedesktop.org/xorg/xserver/-/blob/cdb4d5648a818a8e8ab282341be37109589229ab/xkb/xkb.c#L2998
- https://access.redhat.com/errata/RHSA-2024:8798
- https://access.redhat.com/errata/RHSA-2024:9540
- https://access.redhat.com/errata/RHSA-2024:9579
- https://access.redhat.com/errata/RHSA-2024:9601
- https://access.redhat.com/errata/RHSA-2024:9690
- https://access.redhat.com/errata/RHSA-2024:9818
- https://access.redhat.com/errata/RHSA-2024:9820
- https://access.redhat.com/errata/RHSA-2024:9819
- https://access.redhat.com/errata/RHSA-2024:9816
- https://access.redhat.com/errata/RHSA-2024:9901
- https://access.redhat.com/errata/RHSA-2024:10090
- https://bugzilla.redhat.com/show_bug.cgi?id=2317233
Frequently Asked Questions
What is the severity of REDHAT-BUG-2317233?
The severity of REDHAT-BUG-2317233 is classified as medium due to potential memory corruption risks.
How do I fix REDHAT-BUG-2317233?
To fix REDHAT-BUG-2317233, apply the latest software updates provided by your Linux distribution vendor.
Which software is affected by REDHAT-BUG-2317233?
REDHAT-BUG-2317233 affects the X.Org X Server software.
What are the potential consequences of REDHAT-BUG-2317233?
The potential consequences of REDHAT-BUG-2317233 include memory corruption, which may lead to crashes or arbitrary code execution.
Is there a workaround for REDHAT-BUG-2317233?
There is no documented workaround for REDHAT-BUG-2317233, so applying updates is crucial.
- agent/severity
- agent/description
- agent/first-publish-date
- agent/type
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-9632
- agent/last-modified-date
- agent/references
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/x.org
- canonical/x.org x.org