CVE-2024-0229 HIGH

CVE-2024-0229: Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access

Vendor: Red Hat
Product: Red Hat Enterprise Linux 6
Weakness: CWE-787
Published: February 9, 2024
Last update: November 6, 2025

CVSS base score

7.8/10
Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: None
Confidentiality: High
Integrity: High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

Key dates

02 Disclosure timeline

February 9, 2024: CVE published
November 6, 2025: Record updated