CVE-2024-21886

High CVSS 7.8

Overview

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.

CWE: CWE-122 Published: 2024-02-28T13:15:08.440

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.8 (HIGH)
Detected tags: buffer, rce (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags