Search

Find a vulnerability

Search criteria

    70 vulnerabilities found for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions by Red Hat

    CVE-2024-31083 (GCVE-0-2024-31083)

    Vulnerability from nvd – Published: 2024-04-05 12:04 – Updated: 2025-11-20 07:19
    VLAI
    Title
    Xorg-x11-server: use-after-free in procrenderaddglyphs
    Summary
    A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31083 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2272000 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 21.1.12
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31083",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-05T18:36:25.769082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T14:32:44.924Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.596Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
              },
              {
                "name": "RHBZ#2272000",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.1.12"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:19:07.523Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
            },
            {
              "name": "RHBZ#2272000",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: use-after-free in procrenderaddglyphs",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-416: Use After Free"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31083",
        "datePublished": "2024-04-05T12:04:49.414Z",
        "dateReserved": "2024-03-28T02:56:55.575Z",
        "dateUpdated": "2025-11-20T07:19:07.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-31081 (GCVE-0-2024-31081)

    Vulnerability from nvd – Published: 2024-04-04 13:48 – Updated: 2025-11-20 07:19
    VLAI
    Title
    Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice
    Summary
    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31081 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2271998 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 1.7.0
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31081",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T16:37:41.931286Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:25.941Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
              },
              {
                "name": "RHBZ#2271998",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:19:00.688Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
            },
            {
              "name": "RHBZ#2271998",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-126: Buffer Over-read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31081",
        "datePublished": "2024-04-04T13:48:12.848Z",
        "dateReserved": "2024-03-28T02:56:55.575Z",
        "dateUpdated": "2025-11-20T07:19:00.688Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-31080 (GCVE-0-2024-31080)

    Vulnerability from nvd – Published: 2024-04-04 13:47 – Updated: 2025-11-20 07:18
    VLAI
    Title
    Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
    Summary
    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31080 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2271997 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 29.1.0 , < * (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.428Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
              },
              {
                "name": "RHBZ#2271997",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31080",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T15:41:05.539453Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T18:18:59.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "29.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:18:58.383Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
            },
            {
              "name": "RHBZ#2271997",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-126: Buffer Over-read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31080",
        "datePublished": "2024-04-04T13:47:33.926Z",
        "dateReserved": "2024-03-28T02:56:55.574Z",
        "dateUpdated": "2025-11-20T07:18:58.383Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21886 (GCVE-0-2024-21886)

    Vulnerability from nvd – Published: 2024-02-28 12:13 – Updated: 2025-11-06 20:53
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in disabledevice
    Summary
    A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-21886 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256542 issue-trackingx_refsource_REDHAT
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 1.21.1.7
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    xorg xserver Affected: *
        cpe:2.3:a:xorg:xserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    xorg xwayland Affected: *
        cpe:2.3:a:xorg:xwayland:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:xorg:xserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xserver",
                "vendor": "xorg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:xorg:xwayland:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xwayland",
                "vendor": "xorg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21886",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-23T21:47:31.702467Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:37:54.900Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T22:05:35.965Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-21886"
              },
              {
                "name": "RHBZ#2256542",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZ2IJJDHJETNE76VUX4G7UI5EG5HYFEH/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.21.1.7"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:53:28.237Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-21886"
            },
            {
              "name": "RHBZ#2256542",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in disabledevice",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-21886",
        "datePublished": "2024-02-28T12:13:12.555Z",
        "dateReserved": "2024-01-02T21:57:08.796Z",
        "dateUpdated": "2025-11-06T20:53:28.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21885 (GCVE-0-2024-21885)

    Vulnerability from nvd – Published: 2024-02-28 12:11 – Updated: 2025-11-06 20:53
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent
    Summary
    A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-21885 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256540 issue-trackingx_refsource_REDHAT
    https://security.netapp.com/advisory/ntap-2024050… x_transferred
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 21.1.11 (semver)
    Unaffected: 21.1.11 , < * (semver)
    Affected: 0 , < 23.2.4 (semver)
    Unaffected: 23.2.4 , < * (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21885",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-26T16:17:45.889071Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-13T13:36:52.093Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:23:11.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-21885"
              },
              {
                "name": "RHBZ#2256540",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240503-0004/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "21.1.11",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "packageName": "xwayland",
              "versions": [
                {
                  "lessThan": "23.2.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "23.2.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:53:28.030Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-21885"
            },
            {
              "name": "RHBZ#2256540",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-21885",
        "datePublished": "2024-02-28T12:11:59.650Z",
        "dateReserved": "2024-01-02T21:57:08.796Z",
        "dateUpdated": "2025-11-06T20:53:28.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1488 (GCVE-0-2024-1488)

    Vulnerability from nvd – Published: 2024-02-15 05:04 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
    Summary
    A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1750 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1780 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1801 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1802 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1804 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2587 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2696 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:0837 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-1488 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2264183 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 1.16.2
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.el8_9.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.8.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.7.3-17.el8_6.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.16.2-5.el8_8.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.16.2-3.el9_3.5 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.13.1-13.el9_0.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.16.2-3.el9_2.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Date Public
    2024-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-15T18:02:37.532018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:53.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:40:21.182Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1750",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1750"
              },
              {
                "name": "RHSA-2024:1751",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1751"
              },
              {
                "name": "RHSA-2024:1780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1780"
              },
              {
                "name": "RHSA-2024:1801",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1801"
              },
              {
                "name": "RHSA-2024:1802",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1802"
              },
              {
                "name": "RHSA-2024:1804",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1804"
              },
              {
                "name": "RHSA-2024:2587",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2587"
              },
              {
                "name": "RHSA-2024:2696",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2696"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
              },
              {
                "name": "RHBZ#2264183",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://src.fedoraproject.org/rpms/unbound/",
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.16.2"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.el8_9.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.8.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-17.el8_6.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.el8_8.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-3.el9_3.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-13.el9_0.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-3.el9_2.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:53.824Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1750",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1750"
            },
            {
              "name": "RHSA-2024:1751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1751"
            },
            {
              "name": "RHSA-2024:1780",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1780"
            },
            {
              "name": "RHSA-2024:1801",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1801"
            },
            {
              "name": "RHSA-2024:1802",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1802"
            },
            {
              "name": "RHSA-2024:1804",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1804"
            },
            {
              "name": "RHSA-2024:2587",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2587"
            },
            {
              "name": "RHSA-2024:2696",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2696"
            },
            {
              "name": "RHSA-2025:0837",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:0837"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
            },
            {
              "name": "RHBZ#2264183",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-02-14T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-02-13T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-1488",
        "datePublished": "2024-02-15T05:04:13.994Z",
        "dateReserved": "2024-02-14T12:47:25.283Z",
        "dateUpdated": "2025-11-11T15:29:53.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0229 (GCVE-0-2024-0229)

    Vulnerability from nvd – Published: 2024-02-09 06:29 – Updated: 2025-11-06 20:51
    VLAI
    Title
    Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
    Summary
    An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-0229 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256690 issue-trackingx_refsource_REDHAT
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Upstream acknowledges Jan-Niklas Sohn (Trend Micro Zero Day Initiative) as the original reporter.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:22:19.221Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0229"
              },
              {
                "name": "RHBZ#2256690",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0229",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-12T16:50:56.761255Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-29T14:31:56.224Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Upstream acknowledges Jan-Niklas Sohn (Trend Micro Zero Day Initiative) as the original reporter."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:51:57.196Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0229"
            },
            {
              "name": "RHBZ#2256690",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-03T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0229",
        "datePublished": "2024-02-09T06:29:51.542Z",
        "dateReserved": "2024-01-03T21:53:07.804Z",
        "dateUpdated": "2025-11-06T20:51:57.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40551 (GCVE-0-2023-40551)

    Vulnerability from nvd – Published: 2024-01-29 16:46 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out of bounds read when parsing mz binaries
    Summary
    A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40551 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2259918 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40551",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-25T16:31:11.138934Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:19:12.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40551"
              },
              {
                "name": "RHBZ#2259918",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system\u0027s boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:39.583Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40551"
            },
            {
              "name": "RHBZ#2259918",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-07-26T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out of bounds read when parsing mz binaries",
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40551",
        "datePublished": "2024-01-29T16:46:43.579Z",
        "dateReserved": "2023-08-15T20:04:15.616Z",
        "dateUpdated": "2025-11-20T19:53:39.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40550 (GCVE-0-2023-40550)

    Vulnerability from nvd – Published: 2024-01-29 16:29 – Updated: 2026-01-27 10:55
    VLAI
    Title
    Shim: out-of-bound read in verify_buffer_sbat()
    Summary
    An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40550 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2259915 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.592Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40550"
              },
              {
                "name": "RHBZ#2259915",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40550",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T19:08:55.327047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:08:55.470Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system\u0027s boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T10:55:03.902Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40550"
            },
            {
              "name": "RHBZ#2259915",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bound read in verify_buffer_sbat()",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40550",
        "datePublished": "2024-01-29T16:29:23.050Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-01-27T10:55:03.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40549 (GCVE-0-2023-40549)

    Vulnerability from nvd – Published: 2024-01-29 16:29 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file
    Summary
    An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40549 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241797 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40549"
              },
              {
                "name": "RHBZ#2241797",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241797"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40549",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-11T19:17:30.752609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T17:53:09.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:36.835Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40549"
            },
            {
              "name": "RHBZ#2241797",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241797"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40549",
        "datePublished": "2024-01-29T16:29:26.170Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2025-11-20T19:53:36.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40546 (GCVE-0-2023-40546)

    Vulnerability from nvd – Published: 2024-01-29 16:29 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out-of-bounds read printing error messages
    Summary
    A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40546 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241796 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.549Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40546"
              },
              {
                "name": "RHBZ#2241796",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241796"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40546",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T19:54:29.372942Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:16.778Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn\u0027t match the format string used by it, leading to a crash under certain circumstances."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:32.512Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40546"
            },
            {
              "name": "RHBZ#2241796",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241796"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bounds read printing error messages",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40546",
        "datePublished": "2024-01-29T16:29:26.258Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2025-11-20T19:53:32.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40548 (GCVE-0-2023-40548)

    Vulnerability from nvd – Published: 2024-01-29 14:53 – Updated: 2026-06-26 09:44
    VLAI
    Title
    Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems
    Summary
    A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40548 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241782 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2023-10-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.361Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40548"
              },
              {
                "name": "RHBZ#2241782",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241782"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:45:11.115130Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:09:22.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-10-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T09:44:21.185Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40548"
            },
            {
              "name": "RHBZ#2241782",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241782"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40548",
        "datePublished": "2024-01-29T14:53:44.319Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-06-26T09:44:21.185Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40547 (GCVE-0-2023-40547)

    Vulnerability from nvd – Published: 2024-01-25 15:54 – Updated: 2026-06-26 09:43
    VLAI
    Title
    Shim: rce in http boot support may lead to secure boot bypass
    Summary
    A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Credits
    Red Hat would like to thank Bill Demirkapi (Microsoft Security Response Center) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.942Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/26/1"
              },
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40547"
              },
              {
                "name": "RHBZ#2234589",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-13T05:00:44.907619Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:29.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Bill Demirkapi (Microsoft Security Response Center) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T09:43:31.882Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40547"
            },
            {
              "name": "RHBZ#2234589",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-05T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: rce in http boot support may lead to secure boot bypass",
          "workarounds": [
            {
              "lang": "en",
              "value": "If a system isn\u2019t required to boot from the network, configure the server\u2019s boot order to disable entirely or skip the network boot."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40547",
        "datePublished": "2024-01-25T15:54:23.102Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-06-26T09:43:31.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6816 (GCVE-0-2023-6816)

    Vulnerability from nvd – Published: 2024-01-18 04:31 – Updated: 2026-03-19 21:23
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
    Summary
    A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6816 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2257691 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/01/18/1 x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202401-30 x_transferred
    https://security.netapp.com/advisory/ntap-2024030… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:42:07.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/18/1"
              },
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
              },
              {
                "name": "RHBZ#2257691",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:05:47.630340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:20.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\u0027s particular number of buttons, leading to a heap overflow if a bigger value was used."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-19T21:23:24.417Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
            },
            {
              "name": "RHBZ#2257691",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6816",
        "datePublished": "2024-01-18T04:31:07.908Z",
        "dateReserved": "2023-12-14T04:34:38.017Z",
        "dateUpdated": "2026-03-19T21:23:24.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0646 (GCVE-0-2024-0646)

    Vulnerability from nvd – Published: 2024-01-17 15:16 – Updated: 2025-11-06 20:51
    VLAI
    Title
    Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
    Summary
    An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0723 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0724 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0725 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0850 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0851 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0881 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0897 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1248 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1250 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1251 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1253 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1268 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1269 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1278 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1306 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1377 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1382 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1404 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2094 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-0646 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2253908 issue-trackingx_refsource_REDHAT
    https://git.kernel.org/pub/scm/linux/kernel/git/t…
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 0 , < 6.7-rc5 (semver)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.18.1.rt7.320.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::realtime
        cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.18.1.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:4.18.0-193.128.1.rt13.179.el8_2 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::realtime
        cpe:/a:redhat:rhel_tus:8.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.125.1.rt7.201.el8_4 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.4::realtime
        cpe:/a:redhat:rhel_tus:8.4::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.91.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support     cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support     cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.51.1.el8_8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-362.24.1.el9_3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.2.el9_0 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.1.rt21.165.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::realtime
        cpe:/a:redhat:rhel_eus:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support     cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.52.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.52.1.rt14.337.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::nfv
        cpe:/a:redhat:rhel_eus:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support     cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.91.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-22 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-11 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v6.8.1-407 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-19 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.0.0-479 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-7 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.4.0-247 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-5 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.1.0-227 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.1-470 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v2.9.6-14 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-2 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-24 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-10 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-525 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-224 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.28.1-56 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-07 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:11:35.718Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0723",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0723"
              },
              {
                "name": "RHSA-2024:0724",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0724"
              },
              {
                "name": "RHSA-2024:0725",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0725"
              },
              {
                "name": "RHSA-2024:0850",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0850"
              },
              {
                "name": "RHSA-2024:0851",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0851"
              },
              {
                "name": "RHSA-2024:0876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0876"
              },
              {
                "name": "RHSA-2024:0881",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0881"
              },
              {
                "name": "RHSA-2024:0897",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0897"
              },
              {
                "name": "RHSA-2024:1248",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1248"
              },
              {
                "name": "RHSA-2024:1250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1250"
              },
              {
                "name": "RHSA-2024:1251",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1251"
              },
              {
                "name": "RHSA-2024:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1253"
              },
              {
                "name": "RHSA-2024:1268",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1268"
              },
              {
                "name": "RHSA-2024:1269",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1269"
              },
              {
                "name": "RHSA-2024:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1278"
              },
              {
                "name": "RHSA-2024:1306",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1306"
              },
              {
                "name": "RHSA-2024:1367",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1367"
              },
              {
                "name": "RHSA-2024:1368",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1368"
              },
              {
                "name": "RHSA-2024:1377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1377"
              },
              {
                "name": "RHSA-2024:1382",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1382"
              },
              {
                "name": "RHSA-2024:1404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1404"
              },
              {
                "name": "RHSA-2024:2094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2094"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0646"
              },
              {
                "name": "RHBZ#2253908",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253908"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0646",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-10T04:00:15.716357Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:19.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "versions": [
                {
                  "lessThan": "6.7-rc5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::realtime",
                "cpe:/a:redhat:enterprise_linux:8::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.18.1.rt7.320.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.18.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::realtime",
                "cpe:/a:redhat:rhel_tus:8.2::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.rt13.179.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.4::realtime",
                "cpe:/a:redhat:rhel_tus:8.4::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.rt7.201.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.91.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.51.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-362.24.1.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-362.24.1.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.2.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::realtime",
                "cpe:/a:redhat:rhel_eus:9.0::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.52.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::nfv",
                "cpe:/a:redhat:rhel_eus:9.2::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.52.1.rt14.337.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.91.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-22",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-407",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-479",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-247",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-227",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-470",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-14",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-24",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-525",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-224",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-56",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-07T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:51:54.670Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0723",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0723"
            },
            {
              "name": "RHSA-2024:0724",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0724"
            },
            {
              "name": "RHSA-2024:0725",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0725"
            },
            {
              "name": "RHSA-2024:0850",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0850"
            },
            {
              "name": "RHSA-2024:0851",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0851"
            },
            {
              "name": "RHSA-2024:0876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0876"
            },
            {
              "name": "RHSA-2024:0881",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0881"
            },
            {
              "name": "RHSA-2024:0897",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0897"
            },
            {
              "name": "RHSA-2024:1248",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1248"
            },
            {
              "name": "RHSA-2024:1250",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1250"
            },
            {
              "name": "RHSA-2024:1251",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1251"
            },
            {
              "name": "RHSA-2024:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1253"
            },
            {
              "name": "RHSA-2024:1268",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1268"
            },
            {
              "name": "RHSA-2024:1269",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1269"
            },
            {
              "name": "RHSA-2024:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1278"
            },
            {
              "name": "RHSA-2024:1306",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1306"
            },
            {
              "name": "RHSA-2024:1367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1367"
            },
            {
              "name": "RHSA-2024:1368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1368"
            },
            {
              "name": "RHSA-2024:1377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1377"
            },
            {
              "name": "RHSA-2024:1382",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1382"
            },
            {
              "name": "RHSA-2024:1404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1404"
            },
            {
              "name": "RHSA-2024:2094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2094"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0646"
            },
            {
              "name": "RHBZ#2253908",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253908"
            },
            {
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-17T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-07T06:30:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0646",
        "datePublished": "2024-01-17T15:16:45.148Z",
        "dateReserved": "2024-01-17T13:11:12.669Z",
        "dateUpdated": "2025-11-06T20:51:54.670Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-31083 (GCVE-0-2024-31083)

    Vulnerability from cvelistv5 – Published: 2024-04-05 12:04 – Updated: 2025-11-20 07:19
    VLAI
    Title
    Xorg-x11-server: use-after-free in procrenderaddglyphs
    Summary
    A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31083 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2272000 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 21.1.12
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31083",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-05T18:36:25.769082Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T14:32:44.924Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.596Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
              },
              {
                "name": "RHBZ#2272000",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.1.12"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:19:07.523Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
            },
            {
              "name": "RHBZ#2272000",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: use-after-free in procrenderaddglyphs",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-416: Use After Free"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31083",
        "datePublished": "2024-04-05T12:04:49.414Z",
        "dateReserved": "2024-03-28T02:56:55.575Z",
        "dateUpdated": "2025-11-20T07:19:07.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-31081 (GCVE-0-2024-31081)

    Vulnerability from cvelistv5 – Published: 2024-04-04 13:48 – Updated: 2025-11-20 07:19
    VLAI
    Title
    Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice
    Summary
    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31081 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2271998 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 1.7.0
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31081",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-04T16:37:41.931286Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:25.941Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
              },
              {
                "name": "RHBZ#2271998",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.7.0"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:19:00.688Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
            },
            {
              "name": "RHBZ#2271998",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-126: Buffer Over-read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31081",
        "datePublished": "2024-04-04T13:48:12.848Z",
        "dateReserved": "2024-03-28T02:56:55.575Z",
        "dateUpdated": "2025-11-20T07:19:00.688Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-31080 (GCVE-0-2024-31080)

    Vulnerability from cvelistv5 – Published: 2024-04-04 13:47 – Updated: 2025-11-20 07:18
    VLAI
    Title
    Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
    Summary
    A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-31080 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2271997 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    http://www.openwall.com/lists/oss-security/2024/0… x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 29.1.0 , < * (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:46:04.428Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
              },
              {
                "name": "RHSA-2024:1785",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1785"
              },
              {
                "name": "RHSA-2024:2036",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2036"
              },
              {
                "name": "RHSA-2024:2037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2037"
              },
              {
                "name": "RHSA-2024:2038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2038"
              },
              {
                "name": "RHSA-2024:2039",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2039"
              },
              {
                "name": "RHSA-2024:2040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2040"
              },
              {
                "name": "RHSA-2024:2041",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2041"
              },
              {
                "name": "RHSA-2024:2042",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2042"
              },
              {
                "name": "RHSA-2024:2080",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2080"
              },
              {
                "name": "RHSA-2024:2616",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2616"
              },
              {
                "name": "RHSA-2024:3258",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3258"
              },
              {
                "name": "RHSA-2024:3261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3261"
              },
              {
                "name": "RHSA-2024:3343",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:3343"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
              },
              {
                "name": "RHBZ#2271997",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31080",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-07T15:41:05.539453Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-03T18:18:59.223Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "29.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-29.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-33.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-23.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-10.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-16.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-8.el9_4.3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:23.2.7-1.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-26.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "unaffected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "Buffer Over-read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T07:18:58.383Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1785",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1785"
            },
            {
              "name": "RHSA-2024:2036",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2036"
            },
            {
              "name": "RHSA-2024:2037",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2037"
            },
            {
              "name": "RHSA-2024:2038",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2038"
            },
            {
              "name": "RHSA-2024:2039",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2039"
            },
            {
              "name": "RHSA-2024:2040",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2040"
            },
            {
              "name": "RHSA-2024:2041",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2041"
            },
            {
              "name": "RHSA-2024:2042",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2042"
            },
            {
              "name": "RHSA-2024:2080",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2080"
            },
            {
              "name": "RHSA-2024:2616",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2616"
            },
            {
              "name": "RHSA-2024:3258",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3258"
            },
            {
              "name": "RHSA-2024:3261",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3261"
            },
            {
              "name": "RHSA-2024:3343",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:3343"
            },
            {
              "name": "RHSA-2024:9093",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9093"
            },
            {
              "name": "RHSA-2024:9122",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:9122"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
            },
            {
              "name": "RHBZ#2271997",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-03-28T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-04-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-126: Buffer Over-read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-31080",
        "datePublished": "2024-04-04T13:47:33.926Z",
        "dateReserved": "2024-03-28T02:56:55.574Z",
        "dateUpdated": "2025-11-20T07:18:58.383Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21886 (GCVE-0-2024-21886)

    Vulnerability from cvelistv5 – Published: 2024-02-28 12:13 – Updated: 2025-11-06 20:53
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in disabledevice
    Summary
    A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-21886 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256542 issue-trackingx_refsource_REDHAT
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 1.21.1.7
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::server
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    xorg xserver Affected: *
        cpe:2.3:a:xorg:xserver:*:*:*:*:*:*:*:*
    Create a notification for this product.
    xorg xwayland Affected: *
        cpe:2.3:a:xorg:xwayland:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:xorg:xserver:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xserver",
                "vendor": "xorg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:xorg:xwayland:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xwayland",
                "vendor": "xorg",
                "versions": [
                  {
                    "status": "affected",
                    "version": "*"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21886",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-23T21:47:31.702467Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:37:54.900Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T22:05:35.965Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-21886"
              },
              {
                "name": "RHBZ#2256542",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZ2IJJDHJETNE76VUX4G7UI5EG5HYFEH/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.21.1.7"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::server"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:53:28.237Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-21886"
            },
            {
              "name": "RHBZ#2256542",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in disabledevice",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-21886",
        "datePublished": "2024-02-28T12:13:12.555Z",
        "dateReserved": "2024-01-02T21:57:08.796Z",
        "dateUpdated": "2025-11-06T20:53:28.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-21885 (GCVE-0-2024-21885)

    Vulnerability from cvelistv5 – Published: 2024-02-28 12:11 – Updated: 2025-11-06 20:53
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent
    Summary
    A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-21885 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256540 issue-trackingx_refsource_REDHAT
    https://security.netapp.com/advisory/ntap-2024050… x_transferred
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 0 , < 21.1.11 (semver)
    Unaffected: 21.1.11 , < * (semver)
    Affected: 0 , < 23.2.4 (semver)
    Unaffected: 23.2.4 , < * (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21885",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-26T16:17:45.889071Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-13T13:36:52.093Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:23:11.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-21885"
              },
              {
                "name": "RHBZ#2256540",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240503-0004/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "21.1.11",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "packageName": "xwayland",
              "versions": [
                {
                  "lessThan": "23.2.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "23.2.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:53:28.030Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-21885"
            },
            {
              "name": "RHBZ#2256540",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-21885",
        "datePublished": "2024-02-28T12:11:59.650Z",
        "dateReserved": "2024-01-02T21:57:08.796Z",
        "dateUpdated": "2025-11-06T20:53:28.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-1488 (GCVE-0-2024-1488)

    Vulnerability from cvelistv5 – Published: 2024-02-15 05:04 – Updated: 2025-11-11 15:29
    VLAI
    Title
    Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
    Summary
    A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1750 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1780 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1801 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1802 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1804 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2587 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2696 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:0837 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-1488 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2264183 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Affected: 1.16.2
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.el8_9.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.8.el8_10 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm)
        cpe:/a:redhat:rhel_aus:8.4::appstream
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.7.3-17.el8_6.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.16.2-5.el8_8.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.16.2-3.el9_3.5 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.13.1-13.el9_0.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.16.2-3.el9_2.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Date Public
    2024-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1488",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-15T18:02:37.532018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-05T17:22:53.092Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:40:21.182Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1750",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1750"
              },
              {
                "name": "RHSA-2024:1751",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1751"
              },
              {
                "name": "RHSA-2024:1780",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1780"
              },
              {
                "name": "RHSA-2024:1801",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1801"
              },
              {
                "name": "RHSA-2024:1802",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1802"
              },
              {
                "name": "RHSA-2024:1804",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1804"
              },
              {
                "name": "RHSA-2024:2587",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2587"
              },
              {
                "name": "RHSA-2024:2696",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2696"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
              },
              {
                "name": "RHBZ#2264183",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://src.fedoraproject.org/rpms/unbound/",
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.16.2"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.el8_9.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.8.el8_10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-12.el8_2.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_aus:8.4::appstream",
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-15.el8_4.1",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.7.3-17.el8_6.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-5.el8_8.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-3.el9_3.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-13.el9_0.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.16.2-3.el9_2.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "unbound",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2024-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-11T15:29:53.824Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1750",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1750"
            },
            {
              "name": "RHSA-2024:1751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1751"
            },
            {
              "name": "RHSA-2024:1780",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1780"
            },
            {
              "name": "RHSA-2024:1801",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1801"
            },
            {
              "name": "RHSA-2024:1802",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1802"
            },
            {
              "name": "RHSA-2024:1804",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1804"
            },
            {
              "name": "RHSA-2024:2587",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2587"
            },
            {
              "name": "RHSA-2024:2696",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2696"
            },
            {
              "name": "RHSA-2025:0837",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:0837"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
            },
            {
              "name": "RHBZ#2264183",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-02-14T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-02-13T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-1488",
        "datePublished": "2024-02-15T05:04:13.994Z",
        "dateReserved": "2024-02-14T12:47:25.283Z",
        "dateUpdated": "2025-11-11T15:29:53.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0229 (GCVE-0-2024-0229)

    Vulnerability from cvelistv5 – Published: 2024-02-09 06:29 – Updated: 2025-11-06 20:51
    VLAI
    Title
    Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
    Summary
    An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-0229 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2256690 issue-trackingx_refsource_REDHAT
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.debian.org/debian-lts-announce/2024…
    https://lists.fedoraproject.org/archives/list/pac…
    https://lists.fedoraproject.org/archives/list/pac…
    Impacted products
    Vendor Product Version
    Affected: 21.1.0 , < 21.1.11 (semver)
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::computenode
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Upstream acknowledges Jan-Niklas Sohn (Trend Micro Zero Day Initiative) as the original reporter.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T18:22:19.221Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2995",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2995"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0229"
              },
              {
                "name": "RHBZ#2256690",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0229",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-12T16:50:56.761255Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-29T14:31:56.224Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
              "defaultStatus": "unaffected",
              "packageName": "xorg-server",
              "versions": [
                {
                  "lessThan": "21.1.11",
                  "status": "affected",
                  "version": "21.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::computenode",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Upstream acknowledges Jan-Niklas Sohn (Trend Micro Zero Day Initiative) as the original reporter."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:51:57.196Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0229"
            },
            {
              "name": "RHBZ#2256690",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-03T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0229",
        "datePublished": "2024-02-09T06:29:51.542Z",
        "dateReserved": "2024-01-03T21:53:07.804Z",
        "dateUpdated": "2025-11-06T20:51:57.196Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40551 (GCVE-0-2023-40551)

    Vulnerability from cvelistv5 – Published: 2024-01-29 16:46 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out of bounds read when parsing mz binaries
    Summary
    A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40551 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2259918 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40551",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-25T16:31:11.138934Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:19:12.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40551"
              },
              {
                "name": "RHBZ#2259918",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system\u0027s boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:39.583Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40551"
            },
            {
              "name": "RHBZ#2259918",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-07-26T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out of bounds read when parsing mz binaries",
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40551",
        "datePublished": "2024-01-29T16:46:43.579Z",
        "dateReserved": "2023-08-15T20:04:15.616Z",
        "dateUpdated": "2025-11-20T19:53:39.583Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40546 (GCVE-0-2023-40546)

    Vulnerability from cvelistv5 – Published: 2024-01-29 16:29 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out-of-bounds read printing error messages
    Summary
    A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40546 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241796 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.549Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40546"
              },
              {
                "name": "RHBZ#2241796",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241796"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40546",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T19:54:29.372942Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:29:16.778Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn\u0027t match the format string used by it, leading to a crash under certain circumstances."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:32.512Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40546"
            },
            {
              "name": "RHBZ#2241796",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241796"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bounds read printing error messages",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40546",
        "datePublished": "2024-01-29T16:29:26.258Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2025-11-20T19:53:32.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40549 (GCVE-0-2023-40549)

    Vulnerability from cvelistv5 – Published: 2024-01-29 16:29 – Updated: 2025-11-20 19:53
    VLAI
    Title
    Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file
    Summary
    An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40549 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241797 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.333Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40549"
              },
              {
                "name": "RHBZ#2241797",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241797"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40549",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-11T19:17:30.752609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T17:53:09.919Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-20T19:53:36.835Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40549"
            },
            {
              "name": "RHBZ#2241797",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241797"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40549",
        "datePublished": "2024-01-29T16:29:26.170Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2025-11-20T19:53:36.835Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40550 (GCVE-0-2023-40550)

    Vulnerability from cvelistv5 – Published: 2024-01-29 16:29 – Updated: 2026-01-27 10:55
    VLAI
    Title
    Shim: out-of-bound read in verify_buffer_sbat()
    Summary
    An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40550 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2259915 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.592Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40550"
              },
              {
                "name": "RHBZ#2259915",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40550",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T19:08:55.327047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:08:55.470Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system\u0027s boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-27T10:55:03.902Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40550"
            },
            {
              "name": "RHBZ#2259915",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: out-of-bound read in verify_buffer_sbat()",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40550",
        "datePublished": "2024-01-29T16:29:23.050Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-01-27T10:55:03.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40548 (GCVE-0-2023-40548)

    Vulnerability from cvelistv5 – Published: 2024-01-29 14:53 – Updated: 2026-06-26 09:44
    VLAI
    Title
    Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems
    Summary
    A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:1834 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1835 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1873 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1883 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1902 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1903 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1959 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2086 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-40548 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2241782 issue-trackingx_refsource_REDHAT
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2023-10-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.361Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40548"
              },
              {
                "name": "RHBZ#2241782",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241782"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T18:45:11.115130Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:09:22.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "datePublic": "2023-10-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T09:44:21.185Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40548"
            },
            {
              "name": "RHBZ#2241782",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241782"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-10-02T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems",
          "workarounds": [
            {
              "lang": "en",
              "value": "There\u0027s no available mitigation for this issue."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40548",
        "datePublished": "2024-01-29T14:53:44.319Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-06-26T09:44:21.185Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-40547 (GCVE-0-2023-40547)

    Vulnerability from cvelistv5 – Published: 2024-01-25 15:54 – Updated: 2026-06-26 09:43
    VLAI
    Title
    Shim: rce in http boot support may lead to secure boot bypass
    Summary
    A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-3.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:15.8-1.el7 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::workstation
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:15.8-4.el8_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_tus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:15.8-2.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_aus:8.4::baseos
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:15.8-2.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:15.8-2.el8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::crb
        cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:15.8-4.el9_3 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-3.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:15.8-2.el9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:15.8-3.el9_2 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Date Public
    2024-01-23 00:00
    Credits
    Red Hat would like to thank Bill Demirkapi (Microsoft Security Response Center) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.942Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/26/1"
              },
              {
                "name": "RHSA-2024:1834",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1834"
              },
              {
                "name": "RHSA-2024:1835",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1835"
              },
              {
                "name": "RHSA-2024:1873",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1873"
              },
              {
                "name": "RHSA-2024:1876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1876"
              },
              {
                "name": "RHSA-2024:1883",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1883"
              },
              {
                "name": "RHSA-2024:1902",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1902"
              },
              {
                "name": "RHSA-2024:1903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1903"
              },
              {
                "name": "RHSA-2024:1959",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1959"
              },
              {
                "name": "RHSA-2024:2086",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2086"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-40547"
              },
              {
                "name": "RHBZ#2234589",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-13T05:00:44.907619Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:29.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::workstation"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-signed",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-1.el7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_tus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_aus:8.4::baseos",
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::crb",
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-4.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-aarch64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim-unsigned-x64",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-2.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "shim",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:15.8-3.el9_2",
                  "versionType": "rpm"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Bill Demirkapi (Microsoft Security Response Center) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-26T09:43:31.882Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:1834",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1834"
            },
            {
              "name": "RHSA-2024:1835",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1835"
            },
            {
              "name": "RHSA-2024:1873",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1873"
            },
            {
              "name": "RHSA-2024:1876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1876"
            },
            {
              "name": "RHSA-2024:1883",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1883"
            },
            {
              "name": "RHSA-2024:1902",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1902"
            },
            {
              "name": "RHSA-2024:1903",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1903"
            },
            {
              "name": "RHSA-2024:1959",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1959"
            },
            {
              "name": "RHSA-2024:2086",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2086"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-40547"
            },
            {
              "name": "RHBZ#2234589",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-05-05T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-23T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Shim: rce in http boot support may lead to secure boot bypass",
          "workarounds": [
            {
              "lang": "en",
              "value": "If a system isn\u2019t required to boot from the network, configure the server\u2019s boot order to disable entirely or skip the network boot."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-40547",
        "datePublished": "2024-01-25T15:54:23.102Z",
        "dateReserved": "2023-08-15T20:04:15.615Z",
        "dateUpdated": "2026-06-26T09:43:31.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-6816 (GCVE-0-2023-6816)

    Vulnerability from cvelistv5 – Published: 2024-01-18 04:31 – Updated: 2026-03-19 21:23
    VLAI
    Title
    Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
    Summary
    A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0320 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0557 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0558 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0597 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0607 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0614 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0617 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0621 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0626 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0629 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2169 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2170 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2995 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2996 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-6816 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2257691 issue-trackingx_refsource_REDHAT
    http://www.openwall.com/lists/oss-security/2024/01/18/1 x_transferred
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202401-30 x_transferred
    https://security.netapp.com/advisory/ntap-2024030… x_transferred
    Impacted products
    Vendor Product Version
    Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13 , < * (rpm)
        cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-27.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-31.el7_9 , < * (rpm)
        cpe:/o:redhat:enterprise_linux:7::workstation
        cpe:/o:redhat:enterprise_linux:7::client
        cpe:/o:redhat:enterprise_linux:7::server
        cpe:/o:redhat:enterprise_linux:7::computenode
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-22.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-15.el8 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.9 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.2::appstream
        cpe:/a:redhat:rhel_tus:8.2::appstream
        cpe:/a:redhat:rhel_aus:8.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.8 , < * (rpm)
        cpe:/a:redhat:rhel_e4s:8.4::appstream
        cpe:/a:redhat:rhel_tus:8.4::appstream
        cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.9 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.7 , < * (rpm)
        cpe:/a:redhat:rhel_eus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-3.el9_3.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-24.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:22.1.9-5.el9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.8 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.5 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2024-01-16 00:00
    Credits
    Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:42:07.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/01/18/1"
              },
              {
                "name": "RHSA-2024:0320",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0320"
              },
              {
                "name": "RHSA-2024:0557",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0557"
              },
              {
                "name": "RHSA-2024:0558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0558"
              },
              {
                "name": "RHSA-2024:0597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0597"
              },
              {
                "name": "RHSA-2024:0607",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0607"
              },
              {
                "name": "RHSA-2024:0614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0614"
              },
              {
                "name": "RHSA-2024:0617",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0617"
              },
              {
                "name": "RHSA-2024:0621",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0621"
              },
              {
                "name": "RHSA-2024:0626",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0626"
              },
              {
                "name": "RHSA-2024:0629",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0629"
              },
              {
                "name": "RHSA-2024:2169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2169"
              },
              {
                "name": "RHSA-2024:2170",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2170"
              },
              {
                "name": "RHSA-2024:2996",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2996"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
              },
              {
                "name": "RHBZ#2257691",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202401-30"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20240307-0006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-6816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-18T14:05:47.630340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:20.905Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_els:6"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.1.0-25.el6_10.13",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.4-27.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7::workstation",
                "cpe:/o:redhat:enterprise_linux:7::client",
                "cpe:/o:redhat:enterprise_linux:7::server",
                "cpe:/o:redhat:enterprise_linux:7::computenode"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.8.0-31.el7_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-2.el8_9.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-22.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:21.1.3-15.el8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.2::appstream",
                "cpe:/a:redhat:rhel_tus:8.2::appstream",
                "cpe:/a:redhat:rhel_aus:8.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.9.0-15.el8_2.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_e4s:8.4::appstream",
                "cpe:/a:redhat:rhel_tus:8.4::appstream",
                "cpe:/a:redhat:rhel_aus:8.4::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-8.el8_4.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.6::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-6.el8_6.9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:8.8::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-15.el8_8.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.13.1-3.el9_3.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.20.11-24.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "xorg-x11-server-Xwayland",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:22.1.9-5.el9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.11.0-22.el9_0.8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "tigervnc",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:1.12.0-14.el9_2.5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "xorg-x11-server",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Jan-Niklas Sohn (Trend Micro Zero Day Initiative) for reporting this issue."
            }
          ],
          "datePublic": "2024-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\u0027s particular number of buttons, leading to a heap overflow if a bigger value was used."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-19T21:23:24.417Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0320",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0320"
            },
            {
              "name": "RHSA-2024:0557",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0557"
            },
            {
              "name": "RHSA-2024:0558",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0558"
            },
            {
              "name": "RHSA-2024:0597",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0597"
            },
            {
              "name": "RHSA-2024:0607",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0607"
            },
            {
              "name": "RHSA-2024:0614",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0614"
            },
            {
              "name": "RHSA-2024:0617",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0617"
            },
            {
              "name": "RHSA-2024:0621",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0621"
            },
            {
              "name": "RHSA-2024:0626",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0626"
            },
            {
              "name": "RHSA-2024:0629",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0629"
            },
            {
              "name": "RHSA-2024:2169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2169"
            },
            {
              "name": "RHSA-2024:2170",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2170"
            },
            {
              "name": "RHSA-2024:2995",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2995"
            },
            {
              "name": "RHSA-2024:2996",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2996"
            },
            {
              "name": "RHSA-2025:12751",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:12751"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-6816"
            },
            {
              "name": "RHBZ#2257691",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-10T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2024-01-16T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-6816",
        "datePublished": "2024-01-18T04:31:07.908Z",
        "dateReserved": "2023-12-14T04:34:38.017Z",
        "dateUpdated": "2026-03-19T21:23:24.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-0646 (GCVE-0-2024-0646)

    Vulnerability from cvelistv5 – Published: 2024-01-17 15:16 – Updated: 2025-11-06 20:51
    VLAI
    Title
    Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
    Summary
    An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2024:0723 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0724 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0725 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0850 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0851 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0876 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0881 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0897 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1248 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1250 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1251 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1253 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1268 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1269 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1278 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1306 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1367 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1368 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1377 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1382 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:1404 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:2094 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2024-0646 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2253908 issue-trackingx_refsource_REDHAT
    https://git.kernel.org/pub/scm/linux/kernel/git/t…
    https://lists.debian.org/debian-lts-announce/2024… x_transferred
    Impacted products
    Vendor Product Version
    Affected: 0 , < 6.7-rc5 (semver)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.18.1.rt7.320.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::realtime
        cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-513.18.1.el8_9 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::crb
        cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:4.18.0-193.128.1.rt13.179.el8_2 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.2::realtime
        cpe:/a:redhat:rhel_tus:8.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:4.18.0-193.128.1.el8_2 , < * (rpm)
        cpe:/o:redhat:rhel_tus:8.2::baseos
        cpe:/o:redhat:rhel_e4s:8.2::baseos
        cpe:/o:redhat:rhel_aus:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.125.1.rt7.201.el8_4 , < * (rpm)
        cpe:/a:redhat:rhel_tus:8.4::realtime
        cpe:/a:redhat:rhel_tus:8.4::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:4.18.0-305.125.1.el8_4 , < * (rpm)
        cpe:/o:redhat:rhel_e4s:8.4::baseos
        cpe:/o:redhat:rhel_tus:8.4::baseos
        cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions     cpe:/o:redhat:rhel_e4s:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:4.18.0-372.91.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support     cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support     cpe:/o:redhat:rhel_eus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:4.18.0-477.51.1.el8_8 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.8::baseos
        cpe:/a:redhat:rhel_eus:8.8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.14.0-362.24.1.el9_3 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/a:redhat:enterprise_linux:9::nfv
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::realtime
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.2.el9_0 , < * (rpm)
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
        cpe:/a:redhat:rhel_eus:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.14.0-70.93.1.rt21.165.el9_0 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::realtime
        cpe:/a:redhat:rhel_eus:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support     cpe:/o:redhat:rhel_eus:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.52.1.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::appstream
        cpe:/a:redhat:rhel_eus:9.2::crb
        cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:5.14.0-284.52.1.rt14.337.el9_2 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.2::nfv
        cpe:/a:redhat:rhel_eus:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support     cpe:/o:redhat:rhel_eus:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.18.0-372.91.1.el8_6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
        cpe:/o:redhat:rhel_eus:8.6::baseos
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-22 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-11 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v6.8.1-407 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-19 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.0.0-479 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-7 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.4.0-247 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-5 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.1.0-227 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.1-470 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v2.9.6-14 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-2 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-24 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-10 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-525 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-224 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.28.1-56 , < * (rpm)
        cpe:/a:redhat:logging:5.8::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2023-12-07 06:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:11:35.718Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2024:0723",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0723"
              },
              {
                "name": "RHSA-2024:0724",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0724"
              },
              {
                "name": "RHSA-2024:0725",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0725"
              },
              {
                "name": "RHSA-2024:0850",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0850"
              },
              {
                "name": "RHSA-2024:0851",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0851"
              },
              {
                "name": "RHSA-2024:0876",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0876"
              },
              {
                "name": "RHSA-2024:0881",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0881"
              },
              {
                "name": "RHSA-2024:0897",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0897"
              },
              {
                "name": "RHSA-2024:1248",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1248"
              },
              {
                "name": "RHSA-2024:1250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1250"
              },
              {
                "name": "RHSA-2024:1251",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1251"
              },
              {
                "name": "RHSA-2024:1253",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1253"
              },
              {
                "name": "RHSA-2024:1268",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1268"
              },
              {
                "name": "RHSA-2024:1269",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1269"
              },
              {
                "name": "RHSA-2024:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1278"
              },
              {
                "name": "RHSA-2024:1306",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1306"
              },
              {
                "name": "RHSA-2024:1367",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1367"
              },
              {
                "name": "RHSA-2024:1368",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1368"
              },
              {
                "name": "RHSA-2024:1377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1377"
              },
              {
                "name": "RHSA-2024:1382",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1382"
              },
              {
                "name": "RHSA-2024:1404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:1404"
              },
              {
                "name": "RHSA-2024:2094",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:2094"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2024-0646"
              },
              {
                "name": "RHBZ#2253908",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253908"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0646",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-10T04:00:15.716357Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T21:19:19.245Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel",
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "versions": [
                {
                  "lessThan": "6.7-rc5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::realtime",
                "cpe:/a:redhat:enterprise_linux:8::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.18.1.rt7.320.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::crb",
                "cpe:/o:redhat:enterprise_linux:8::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-513.18.1.el8_9",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.2::realtime",
                "cpe:/a:redhat:rhel_tus:8.2::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.rt13.179.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_tus:8.2::baseos",
                "cpe:/o:redhat:rhel_e4s:8.2::baseos",
                "cpe:/o:redhat:rhel_aus:8.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-193.128.1.el8_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_tus:8.4::realtime",
                "cpe:/a:redhat:rhel_tus:8.4::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.rt7.201.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos",
                "cpe:/o:redhat:rhel_tus:8.4::baseos",
                "cpe:/o:redhat:rhel_aus:8.4::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-305.125.1.el8_4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_e4s:8.4::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.91.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.8::baseos",
                "cpe:/a:redhat:rhel_eus:8.8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-477.51.1.el8_8",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-362.24.1.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/a:redhat:enterprise_linux:9::nfv",
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::realtime",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-362.24.1.el9_3",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb",
                "cpe:/a:redhat:rhel_eus:9.0::appstream"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.2.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::realtime",
                "cpe:/a:redhat:rhel_eus:9.0::nfv"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.0::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::appstream",
                "cpe:/a:redhat:rhel_eus:9.2::crb",
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.52.1.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.2::nfv",
                "cpe:/a:redhat:rhel_eus:9.2::realtime"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:5.14.0-284.52.1.rt14.337.el9_2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:9.2::baseos"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kpatch-patch",
              "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb",
                "cpe:/o:redhat:rhel_eus:8.6::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.18.0-372.91.1.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-22",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/cluster-logging-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-11",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch6-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v6.8.1-407",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-19",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-proxy-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.0.0-479",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/elasticsearch-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/eventrouter-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.4.0-247",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/fluentd-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-5",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v1.1.0-227",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-curator5-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.1-470",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-loki-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v2.9.6-14",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/logging-view-plugin-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-2",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-operator-bundle",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-24",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/loki-rhel9-operator",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v5.8.6-10",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/lokistack-gateway-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-525",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/opa-openshift-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.1.0-224",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:logging:5.8::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "openshift-logging/vector-rhel9",
              "product": "RHOL-5.8-RHEL-9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "v0.28.1-56",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "kernel-rt",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2023-12-07T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-06T20:51:54.670Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2024:0723",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0723"
            },
            {
              "name": "RHSA-2024:0724",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0724"
            },
            {
              "name": "RHSA-2024:0725",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0725"
            },
            {
              "name": "RHSA-2024:0850",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0850"
            },
            {
              "name": "RHSA-2024:0851",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0851"
            },
            {
              "name": "RHSA-2024:0876",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0876"
            },
            {
              "name": "RHSA-2024:0881",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0881"
            },
            {
              "name": "RHSA-2024:0897",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0897"
            },
            {
              "name": "RHSA-2024:1248",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1248"
            },
            {
              "name": "RHSA-2024:1250",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1250"
            },
            {
              "name": "RHSA-2024:1251",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1251"
            },
            {
              "name": "RHSA-2024:1253",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1253"
            },
            {
              "name": "RHSA-2024:1268",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1268"
            },
            {
              "name": "RHSA-2024:1269",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1269"
            },
            {
              "name": "RHSA-2024:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1278"
            },
            {
              "name": "RHSA-2024:1306",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1306"
            },
            {
              "name": "RHSA-2024:1367",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1367"
            },
            {
              "name": "RHSA-2024:1368",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1368"
            },
            {
              "name": "RHSA-2024:1377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1377"
            },
            {
              "name": "RHSA-2024:1382",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1382"
            },
            {
              "name": "RHSA-2024:1404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:1404"
            },
            {
              "name": "RHSA-2024:2094",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:2094"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2024-0646"
            },
            {
              "name": "RHBZ#2253908",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253908"
            },
            {
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-01-17T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-12-07T06:30:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination",
          "workarounds": [
            {
              "lang": "en",
              "value": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
            }
          ],
          "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2024-0646",
        "datePublished": "2024-01-17T15:16:45.148Z",
        "dateReserved": "2024-01-17T13:11:12.669Z",
        "dateUpdated": "2025-11-06T20:51:54.670Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }