INFSA-2024:8798: xorg-x11-server and xorg-x11-server-Xwayland security update (Moderate)
Information about definition
Identificator: INFSA-2024:8798
Type: security
Release date: 2024-11-12 06:40:03 UTC
Information about package
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Vulnerabilities description
- CVE-2024-9632
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-9632
|
no information | 7.8 | no information |
Updated packages