High severity7.8NVD Advisory· Published Feb 9, 2024· Updated Jun 17, 2026
CVE-2024-0229
CVE-2024-0229
Description
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
60- osv-coords58 versionspkg:apk/chainguard/gtfpkg:apk/chainguard/Xnestpkg:apk/chainguard/xorg-serverpkg:apk/chainguard/xorg-server-commonpkg:apk/chainguard/xorg-server-devpkg:apk/chainguard/xorg-server-docpkg:apk/chainguard/Xvfbpkg:apk/chainguard/xvfb-runpkg:apk/wolfi/gtfpkg:apk/wolfi/Xnestpkg:apk/wolfi/xorg-serverpkg:apk/wolfi/xorg-server-commonpkg:apk/wolfi/xorg-server-devpkg:apk/wolfi/xorg-server-docpkg:apk/wolfi/Xvfbpkg:apk/wolfi/xvfb-runpkg:rpm/almalinux/tigervncpkg:rpm/almalinux/tigervnc-iconspkg:rpm/almalinux/tigervnc-licensepkg:rpm/almalinux/tigervnc-selinuxpkg:rpm/almalinux/tigervnc-serverpkg:rpm/almalinux/tigervnc-server-minimalpkg:rpm/almalinux/tigervnc-server-modulepkg:rpm/almalinux/xorg-x11-server-commonpkg:rpm/almalinux/xorg-x11-server-develpkg:rpm/almalinux/xorg-x11-server-sourcepkg:rpm/almalinux/xorg-x11-server-Xdmxpkg:rpm/almalinux/xorg-x11-server-Xephyrpkg:rpm/almalinux/xorg-x11-server-Xnestpkg:rpm/almalinux/xorg-x11-server-Xorgpkg:rpm/almalinux/xorg-x11-server-Xvfbpkg:rpm/almalinux/xorg-x11-server-Xwaylandpkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/xorg-x11-server&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/xwayland&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/xwayland&distro=openSUSE%20Tumbleweedpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/xorg-x11-server&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/xwayland&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5
< 21.1.11-r0+ 57 more
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 21.1.11-r0
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.13.1-3.el9_3.6.alma.1
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 1.20.11-24.el9
- (no CPE)range: < 22.1.9-5.el9
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 21.1.11-1.1
- (no CPE)range: < 22.1.5-150500.7.14.1
- (no CPE)range: < 23.2.4-1.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 21.1.4-150500.7.18.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.19.6-10.65.1
- (no CPE)range: < 1.20.3-150200.22.5.88.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 1.20.3-150400.38.40.1
- (no CPE)range: < 22.1.5-150500.7.14.1
Patches
Vulnerability mechanics
References
21- access.redhat.com/errata/RHSA-2024:0320nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0557nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0558nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0597nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0607nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0614nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0617nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0621nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0626nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:0629nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:2169nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:2170nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:2995nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:2996nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2024-0229nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- access.redhat.com/errata/RHSA-2025:12751nvd
- lists.debian.org/debian-lts-announce/2024/01/msg00016.htmlnvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/nvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/nvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/nvd
News mentions
0No linked articles in our index yet.