CVE-2024-0408 MEDIUM

CVE-2024-0408: Xorg-x11-server: selinux unlabeled glx pbuffer

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-158
Published January 18, 2024
Last update November 20, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None
Availability High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01 Description

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.

Key dates

02 Disclosure timeline

January 18, 2024 CVE published
November 20, 2025 Record updated