Description
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-787CWE-787
Metadata
- Primary Vendor
- X.ORG
- Published
- 2/9/2024
- Last Modified
- 11/4/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
x.org : x_serverx.org : xwaylandfedoraproject : fedoraredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linux_ausredhat : enterprise_linux_ausredhat : enterprise_linux_eusredhat : enterprise_linux_eusredhat : enterprise_linux_eusredhat : enterprise_linux_eusredhat : enterprise_linux_tusredhat : enterprise_linux_tusredhat : enterprise_linux_update_services_for_sap_solutionsredhat : enterprise_linux_update_services_for_sap_solutions
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.