Discover Security Vulnerabilities News

Severe X.Org Memory Safety, Code Execution Vulns Fixed [Updated]

Q: What Vulnerabilities Have Been Found in the X.Org X11 Server? What Is the Impact of These Flaws?

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could use this issue to cause the X Server to crash or obtain sensitive information. (CVE-2023-6478) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229) Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408) Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could use this issue to cause the X Server to crash or execute arbitrary code. (CVE-2024-21885) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could use this issue to cause the X Server to crash or execute arbitrary code. (CVE-2024-21886) The impact of these flaws could be severe, potentially resulting in service disruption, information disclosure, arbitrary code execution, unauthorized access to your Linux environment, or complete system compromise.

Anthony Pell

2 - 3 min read Apr 15, 2024

After recent heap overflow, out-of-bounds write, and privilege escalation flaws brought X.Org into the spotlight, more severe memory safety, use-after-free, heap buffer overread, and code execution vulnerabilities have been identified in the popular X server. These issues affect the X.Org X11 server.

To help you secure your systems against exploits leading to service disruption, data compromise, and other damaging repercussions, we'll explore the vulnerabilities found, their impact, and how to mitigate them.

What Vulnerabilities Have Been Found in the X.Org X11 Server? What Is the Impact of These Flaws?

Vulnerabilities discovered in X.Org X11 include:

The X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could use this issue to cause the X Server to crash or obtain sensitive information. (CVE-2023-6478)
The X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)
The X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2024-0229)
The X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0408)
The X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. (CVE-2024-0409)
The X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could use this issue to cause the X Server to crash or execute arbitrary code. (CVE-2024-21885)
The X.Org X Server incorrectly handled devices being disabled. An attacker could use this issue to cause the X Server to crash or execute arbitrary code. (CVE-2024-21886)
Heap buffer overread/data leakage in ProcXIGetSelectedEvents. (CVE-2024-31080)
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. (CVE-2024-31081)
User-after-free in ProcRenderAddGlyphs. (CVE-2024-31083)

These vulnerabilities could have severe repercussions on impacted systems, enabling attackers to disrupt services and steal sensitive information, potentially resulting in the complete compromise of your critical Linux systems.

How Can I Secure My Systems Against These X.Org Bugs?

An essential X.Org update that fixes these issues has been released. We urge all impacted users to update to the latest version of X.Org as soon as possible. Applying the patches released by your distro(s) will protect your systems against attacks leading to downtime and compromise.

To stay informed of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.

Follow @LS_Advisories on X for real-time updates on advisories for your distro(s).