CVE Daily

CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue ca...

High CVSS 7.8

Overview

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

CWE: CWE-787 Published: 2024-02-09T07:16:00.107
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: priv_esc, rce (tag impact: VERY HIGH)

Recommended actions:

  • Fix privilege escalation urgently.
  • Enforce least-privilege and strengthen EDR detection.
  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags