CVE-2024-31082

HIGH

Red Hat Enterprise Linux 6-10 - Heap-Based Buffer Over-read in ProcAppleDRICreatePixmap

Title source: llm

Description

A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.

References (5)

Core 5

Core References

Various Sources

https://lists.x.org/archives/xorg-announce/2024-April/003497.html

Mailing List

http://www.openwall.com/lists/oss-security/2024/04/03/13

Mailing List

http://www.openwall.com/lists/oss-security/2024/04/12/10

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2271999

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2024-31082

Scores

CVSS v3 7.3

EPSS 0.0035

EPSS Percentile 27.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-126

Status published

Products (5)

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9

Published Apr 04, 2024

Tracked Since Feb 18, 2026