CVE-2024-0229

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0229

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

A

n out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0320 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2169 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:12751
https://access.redhat.com/security/cve/CVE-2024-0229 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690 Issue Tracking Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0320 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0557 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0558 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0597 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0607 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0614 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0617 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0621 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0626 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0629 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2169 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2170 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2995 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2996 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-0229 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2256690 Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/
https://lists.fedoraproject.org/archives/list/[email protected]/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/
https://lists.fedoraproject.org/archives/list/[email protected]/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
History

04 Nov 2025, 19:16

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html -
  • () https://lists.fedoraproject.org/archives/list/[email protected]/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/ -
  • () https://lists.fedoraproject.org/archives/list/[email protected]/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/ -
  • () https://lists.fedoraproject.org/archives/list/[email protected]/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/ -

04 Aug 2025, 21:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:12751 -

23 Nov 2024, 03:15

Type Values Removed Values Added
CWE CWE-788

21 Nov 2024, 08:46

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory

18 Oct 2024, 13:49

Type Values Removed Values Added
CWE CWE-787
References () https://access.redhat.com/errata/RHSA-2024:0320 - () https://access.redhat.com/errata/RHSA-2024:0320 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0557 - () https://access.redhat.com/errata/RHSA-2024:0557 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0558 - () https://access.redhat.com/errata/RHSA-2024:0558 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0597 - () https://access.redhat.com/errata/RHSA-2024:0597 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0607 - () https://access.redhat.com/errata/RHSA-2024:0607 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0614 - () https://access.redhat.com/errata/RHSA-2024:0614 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0617 - () https://access.redhat.com/errata/RHSA-2024:0617 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0621 - () https://access.redhat.com/errata/RHSA-2024:0621 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0626 - () https://access.redhat.com/errata/RHSA-2024:0626 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0629 - () https://access.redhat.com/errata/RHSA-2024:0629 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2169 - () https://access.redhat.com/errata/RHSA-2024:2169 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2170 - () https://access.redhat.com/errata/RHSA-2024:2170 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2995 - () https://access.redhat.com/errata/RHSA-2024:2995 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2996 - () https://access.redhat.com/errata/RHSA-2024:2996 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-0229 - () https://access.redhat.com/security/cve/CVE-2024-0229 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - () https://bugzilla.redhat.com/show_bug.cgi?id=2256690 - Issue Tracking, Third Party Advisory
First Time Redhat enterprise Linux Tus
Fedoraproject fedora
X.org x Server
Redhat enterprise Linux Eus
Redhat enterprise Linux Aus
Redhat
X.org xwayland
Redhat enterprise Linux Update Services For Sap Solutions
Fedoraproject
X.org
Redhat enterprise Linux
CPE cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2995 -
  • () https://access.redhat.com/errata/RHSA-2024:2996 -

30 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2169 -
  • () https://access.redhat.com/errata/RHSA-2024:2170 -
Information

Published : 2024-02-09 07:16

Updated : 2025-11-04 19:16

NVD link : CVE-2024-0229

Mitre link : CVE-2024-0229

CVE.ORG link : CVE-2024-0229

JSON object : View

Products Affected

fedoraproject

redhat

x.org

CWE
CWE-787

Out-of-bounds Write