High CVSS 7.8

Overview

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: buffer, dos, priv_esc (tag impact: HIGH)

Recommended actions:

  • Rate limiting, resource quotas and circuit breakers to limit the denial-of-service impact.
  • Apply the vendor fix urgently: the flaw can lead to local privilege escalation where the X.org server runs as root.
  • Enforce least privilege (avoid running the X.org server with root privileges where the distribution allows it) and strengthen EDR detection.
