A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
References
Configurations
No configuration.
History
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Apr 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Apr 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Apr 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Apr 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Apr 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary |
|
05 Apr 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-05 12:15
Updated : 2024-05-01 18:15
NVD link : CVE-2024-31083
Mitre link : CVE-2024-31083
CVE.ORG link : CVE-2024-31083
JSON object : View
Products Affected
No product.
CWE
CWE-416
Use After Free