CVE-2024-0408
Xorg-x11-server: selinux unlabeled glx pbuffer
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
Se encontró una falla en el servidor X.Org. El código GLX PBuffer no llama al gancho XACE al crear el búfer, dejándolo sin etiquetar. Cuando el cliente emite otra solicitud para acceder a ese recurso (como con GetGeometry) o cuando crea otro recurso que necesita acceder a ese búfer, como un GC, el código XSELINUX intentará usar un objeto que nunca fue etiquetado y fallará porque el SID es NULO.
*Credits:
Red Hat would like to thank Donn Seeley and Olivier Fourdan for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-01-10 CVE Reserved
- 2024-01-17 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-158: Improper Neutralization of Null Byte or NUL Character
CAPEC
References (13)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:0320 | 2024-05-22 | |
| https://access.redhat.com/errata/RHSA-2024:2169 | 2024-05-22 | |
| https://access.redhat.com/errata/RHSA-2024:2170 | 2024-05-22 | |
| https://access.redhat.com/errata/RHSA-2024:2995 | 2024-05-22 | |
| https://access.redhat.com/errata/RHSA-2024:2996 | 2024-05-22 | |
| https://access.redhat.com/security/cve/CVE-2024-0408 | 2024-05-22 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2257689 | 2024-05-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tigervnc Search vendor "Tigervnc" | Tigervnc Search vendor "Tigervnc" for product "Tigervnc" | < 1.13.1 Search vendor "Tigervnc" for product "Tigervnc" and version " < 1.13.1" | - |
Affected
| ||||||
| X.org Search vendor "X.org" | Xorg-server Search vendor "X.org" for product "Xorg-server" | < 21.1.11 Search vendor "X.org" for product "Xorg-server" and version " < 21.1.11" | - |
Affected
| ||||||
| X.org Search vendor "X.org" | Xwayland Search vendor "X.org" for product "Xwayland" | < 23.2.4 Search vendor "X.org" for product "Xwayland" and version " < 23.2.4" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 39 Search vendor "Fedoraproject" for product "Fedora" and version "39" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" | 7.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Power Big Endian Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" | 7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" | 7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Scientific Computing Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing" | 7.0 Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
| ||||||