Homepage
About Snyk

Buffer Over-read Affecting xorg-server package, versions <2:1.20.4-1+deb10u14

low

Snyk CVSS

      Threat Intelligence

      EPSS 0.05% (16th percentile)
    Expand this section
    SUSE
    7.6 high
    Expand this section
    Red Hat
    7.3 high

    Do your applications use this vulnerable package?

    In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

    Test your applications
    • Snyk ID SNYK-DEBIAN10-XORGSERVER-6531261
    • published 4 Apr 2024
    • disclosed 4 Apr 2024
    Report a new vulnerability Found a mistake?

    Introduced: 4 Apr 2024

    New CVE-2024-31081 Open this link in a new tab
    CWE-126 Open this link in a new tab

    How to fix?

    Upgrade Debian:10 xorg-server to version 2:1.20.4-1+deb10u14 or higher.

    NVD Description

    Note: Versions mentioned in the description apply only to the upstream xorg-server package and not the xorg-server package as distributed by Debian. See How to fix? for Debian:10 relevant fixed versions and status.

    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.

    References