CVE-2024-31083

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-31083
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:1785
https://access.redhat.com/errata/RHSA-2024:2036
https://access.redhat.com/errata/RHSA-2024:2037
https://access.redhat.com/errata/RHSA-2024:2038
https://access.redhat.com/errata/RHSA-2024:2039
https://access.redhat.com/errata/RHSA-2024:2040
https://access.redhat.com/errata/RHSA-2024:2041
https://access.redhat.com/errata/RHSA-2024:2042
https://access.redhat.com/errata/RHSA-2024:2080
https://access.redhat.com/errata/RHSA-2024:2616
https://access.redhat.com/errata/RHSA-2024:3258
https://access.redhat.com/errata/RHSA-2024:3261
https://access.redhat.com/errata/RHSA-2024:3343
https://access.redhat.com/errata/RHSA-2024:9093
https://access.redhat.com/errata/RHSA-2024:9122
https://access.redhat.com/security/cve/CVE-2024-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
http://www.openwall.com/lists/oss-security/2024/04/03/13
http://www.openwall.com/lists/oss-security/2024/04/12/10
https://access.redhat.com/errata/RHSA-2024:1785
https://access.redhat.com/errata/RHSA-2024:2036
https://access.redhat.com/errata/RHSA-2024:2037
https://access.redhat.com/errata/RHSA-2024:2038
https://access.redhat.com/errata/RHSA-2024:2039
https://access.redhat.com/errata/RHSA-2024:2040
https://access.redhat.com/errata/RHSA-2024:2041
https://access.redhat.com/errata/RHSA-2024:2042
https://access.redhat.com/errata/RHSA-2024:2080
https://access.redhat.com/errata/RHSA-2024:2616
https://access.redhat.com/errata/RHSA-2024:3258
https://access.redhat.com/errata/RHSA-2024:3261
https://access.redhat.com/errata/RHSA-2024:3343
https://access.redhat.com/security/cve/CVE-2024-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/
Configurations

No configuration.

History

21 Nov 2024, 09:12

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/03/13 -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/10 -
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/ -
References () https://access.redhat.com/errata/RHSA-2024:1785 - () https://access.redhat.com/errata/RHSA-2024:1785 -
References () https://access.redhat.com/errata/RHSA-2024:2036 - () https://access.redhat.com/errata/RHSA-2024:2036 -
References () https://access.redhat.com/errata/RHSA-2024:2037 - () https://access.redhat.com/errata/RHSA-2024:2037 -
References () https://access.redhat.com/errata/RHSA-2024:2038 - () https://access.redhat.com/errata/RHSA-2024:2038 -
References () https://access.redhat.com/errata/RHSA-2024:2039 - () https://access.redhat.com/errata/RHSA-2024:2039 -
References () https://access.redhat.com/errata/RHSA-2024:2040 - () https://access.redhat.com/errata/RHSA-2024:2040 -
References () https://access.redhat.com/errata/RHSA-2024:2041 - () https://access.redhat.com/errata/RHSA-2024:2041 -
References () https://access.redhat.com/errata/RHSA-2024:2042 - () https://access.redhat.com/errata/RHSA-2024:2042 -
References () https://access.redhat.com/errata/RHSA-2024:2080 - () https://access.redhat.com/errata/RHSA-2024:2080 -
References () https://access.redhat.com/errata/RHSA-2024:2616 - () https://access.redhat.com/errata/RHSA-2024:2616 -
References () https://access.redhat.com/errata/RHSA-2024:3258 - () https://access.redhat.com/errata/RHSA-2024:3258 -
References () https://access.redhat.com/errata/RHSA-2024:3261 - () https://access.redhat.com/errata/RHSA-2024:3261 -
References () https://access.redhat.com/errata/RHSA-2024:3343 - () https://access.redhat.com/errata/RHSA-2024:3343 -
References () https://access.redhat.com/security/cve/CVE-2024-31083 - () https://access.redhat.com/security/cve/CVE-2024-31083 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=2272000 - () https://bugzilla.redhat.com/show_bug.cgi?id=2272000 -

12 Nov 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:9093 -
  • () https://access.redhat.com/errata/RHSA-2024:9122 -

16 Sep 2024, 19:16

Type Values Removed Values Added
References
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/03/13', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/12/10', 'source': 'secalert@redhat.com'}
  • {'url': 'https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html', 'source': 'secalert@redhat.com'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/', 'source': 'secalert@redhat.com'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/', 'source': 'secalert@redhat.com'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/', 'source': 'secalert@redhat.com'}

24 May 2024, 00:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:3343 -

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:3258 -
  • () https://access.redhat.com/errata/RHSA-2024:3261 -

01 May 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/12/10 -

01 May 2024, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/03/13 -

30 Apr 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2616 -

29 Apr 2024, 19:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2080 -

25 Apr 2024, 18:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2036 -
  • () https://access.redhat.com/errata/RHSA-2024:2037 -
  • () https://access.redhat.com/errata/RHSA-2024:2038 -
  • () https://access.redhat.com/errata/RHSA-2024:2039 -
  • () https://access.redhat.com/errata/RHSA-2024:2040 -
  • () https://access.redhat.com/errata/RHSA-2024:2041 -
  • () https://access.redhat.com/errata/RHSA-2024:2042 -

24 Apr 2024, 02:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/ -

19 Apr 2024, 23:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/ -

15 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html -

11 Apr 2024, 23:15

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad de use-after-free en la función ProcRenderAddGlyphs() de los servidores Xorg. Este problema ocurre cuando se llama a AllocateGlyph() para almacenar nuevos glifos enviados por el cliente al servidor X, lo que potencialmente resulta en múltiples entradas que apuntan a los mismos glifos no recontados. En consecuencia, ProcRenderAddGlyphs() puede liberar un glifo, lo que lleva a un escenario de use-after-free cuando posteriormente se accede al mismo puntero de glifo. Esta falla permite que un atacante autenticado ejecute código arbitrario en el sistema enviando una solicitud especialmente manipulada.
References
  • () https://access.redhat.com/errata/RHSA-2024:1785 -

05 Apr 2024, 12:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-05 12:15

Updated : 2024-11-21 09:12

NVD link : CVE-2024-31083

Mitre link : CVE-2024-31083

CVE.ORG link : CVE-2024-31083

JSON object : View

Products Affected

No product.

CWE
CWE-416

Use After Free