VYPR
High severity (CVSS 7.8) · NVD Advisory · Published Apr 5, 2024 · Updated Apr 15, 2026

CVE-2024-31083

Description

A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2024-31083 is a use-after-free vulnerability in Xorg's ProcRenderAddGlyphs() that lets an authenticated attacker execute arbitrary code.

Vulnerability

Overview

CVE-2024-31083 is a use-after-free vulnerability found in the ProcRenderAddGlyphs() function of Xorg servers. The root cause lies in the AllocateGlyph() routine, which can store multiple references to the same non-refcounted glyph when processing new glyphs sent by the client. When ProcRenderAddGlyphs() subsequently frees one of these glyphs, the remaining dangling pointers lead to a use-after-free condition [1][2].
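The dangling-reference pattern described above, shown as an added toy model that is not Xorg code (the names GlyphSet, set_add, set_remove and scenario are assumed for illustration). Two identical glyphs in one request are deduplicated to a single object; in the naive table the second entry shares the pointer with no refcount, so dropping the first entry frees memory the second still references. The refcounted table only releases the object when the last reference goes away. The pool keeps a simulated "live" flag so the stale reference can be checked without actually dereferencing freed memory.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Constructed toy model: a glyph is identified by a content hash and may be
   bound to several ids within one request. Allocation is simulated with a
   fixed pool and a "live" flag so that a stale reference can be detected
   safely, without undefined behaviour. */

#define MAX_GLYPHS 8
#define MAX_IDS    8

typedef struct {
    unsigned hash;   /* content hash used for deduplication */
    int      refcnt; /* only maintained by the refcounted table */
    bool     live;   /* simulated allocation state */
} Glyph;

static Glyph pool[MAX_GLYPHS];

static void pool_reset(void) { memset(pool, 0, sizeof pool); }

static Glyph *glyph_alloc(unsigned hash) {
    for (int i = 0; i < MAX_GLYPHS; i++) {
        if (!pool[i].live) {
            pool[i].hash = hash; pool[i].refcnt = 0; pool[i].live = true;
            return &pool[i];
        }
    }
    return NULL;
}

/* Deduplicate by content: identical glyph data reuses the existing object. */
static Glyph *glyph_find(unsigned hash) {
    for (int i = 0; i < MAX_GLYPHS; i++)
        if (pool[i].live && pool[i].hash == hash) return &pool[i];
    return NULL;
}

static void glyph_free(Glyph *g) { g->live = false; }

typedef struct { unsigned id; Glyph *g; } Entry;
typedef struct { Entry e[MAX_IDS]; int n; bool refcounted; } GlyphSet;

/* Bind id -> glyph. With dedup, a second id for the same content gets the
   same Glyph pointer; only the refcounted table records that sharing. */
static Glyph *set_add(GlyphSet *s, unsigned id, unsigned hash) {
    if (s->n >= MAX_IDS) return NULL;
    Glyph *g = glyph_find(hash);
    if (!g) g = glyph_alloc(hash);
    if (!g) return NULL;
    if (s->refcounted) g->refcnt++;
    s->e[s->n].id = id; s->e[s->n].g = g; s->n++;
    return g;
}

/* Drop the binding for id. Naive: free unconditionally (the bug class).
   Refcounted: free only when no other entry still points at the glyph. */
static bool set_remove(GlyphSet *s, unsigned id) {
    for (int i = 0; i < s->n; i++) {
        if (s->e[i].id != id) continue;
        Glyph *g = s->e[i].g;
        if (!s->refcounted || --g->refcnt == 0) glyph_free(g);
        s->e[i] = s->e[--s->n];
        return true;
    }
    return false;
}

/* True if the glyph behind id still refers to a live allocation. */
static bool set_lookup_live(const GlyphSet *s, unsigned id) {
    for (int i = 0; i < s->n; i++)
        if (s->e[i].id == id) return s->e[i].g->live;
    return false;
}

/* Scenario: one request binds ids 1 and 2 to identical glyph content, then
   id 1 is dropped. Returns whether id 2 still points at live memory. */
static bool scenario(bool refcounted) {
    pool_reset();
    GlyphSet s = { .n = 0, .refcounted = refcounted };
    set_add(&s, 1, 0xC0FFEEu);
    set_add(&s, 2, 0xC0FFEEu);   /* same content -> same Glyph pointer */
    set_remove(&s, 1);
    return set_lookup_live(&s, 2);
}

/* The refcounted table still releases the object once nobody references it. */
static bool refcounted_releases_when_unused(void) {
    pool_reset();
    GlyphSet s = { .n = 0, .refcounted = true };
    Glyph *g = set_add(&s, 1, 0xC0FFEEu);
    set_add(&s, 2, 0xC0FFEEu);
    set_remove(&s, 1);
    set_remove(&s, 2);
    return g != NULL && !g->live;
}

int main(void) {
    printf("naive table: id 2 live after dropping id 1? %s\n",
           scenario(false) ? "yes" : "no (stale pointer)");
    printf("refcounted table: id 2 live after dropping id 1? %s\n",
           scenario(true) ? "yes" : "no");
    printf("refcounted table frees on last release? %s\n",
           refcounted_releases_when_unused() ? "yes" : "no");
    return 0;
}
```

The naive path prints "no (stale pointer)": the shared object was freed through one id while another id still held it, which is exactly the condition a refcount prevents. Reviewing deduplicated or cached object tables for this ownership rule is the general check to apply.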

Exploitation

An attacker must already have the ability to send crafted requests to the X server (local access as an authenticated user). By submitting a specially crafted glyph request, the attacker triggers the faulty allocation and freeing logic, causing the server to access freed memory. No additional authentication beyond a valid X session is required, making this a locally exploitable issue [1][2].

Impact

Successful exploitation allows the attacker to execute arbitrary code on the system with the privileges of the X server (typically root). Because the X server runs with elevated privileges, this can lead to a full compromise of the affected system. The CVSS v3 score is 7.8 (High), reflecting the high impact on confidentiality, integrity, and availability [1][2].

Mitigation

Status

Red Hat has released updates for Red Hat Enterprise Linux 9 to address this vulnerability in both the tigervnc (RHSA-2024:2616) and xorg-x11-server (RHSA-2024:2040, RHSA-2024:3258, RHSA-2024:9122) packages. Administrators should apply these patches promptly. No workarounds are documented; the recommended action is to update the affected packages [1][2][3][4].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 67

Patches: 0 (none discovered yet)

References: 24

News mentions: 0