X.org X Server Security Update Advisory (CVE-2024-9632)

Nov 07 2024

Overview

An update has been released to address vulnerabilities in X.org X Server. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-9632

X Server versions: ~ 21.1.13 (inclusive)

Resolved Vulnerabilities

Vulnerability in _XkbSetCompatMap in X.org Server does not properly track allocation sizes, which could allow local attackers to cause a buffer overflow via a specially crafted payload, resulting in a denial of service or privilege escalation in the presence of root (CVE-2024-9632)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-9632

X Server version: 21.1.14

Referenced Sites

[1] CVE-2024-9632 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-9632

[2] X.org X Server up to 21.1.13 Bitmap _XkbSetCompatMap sym_interpret heap-based overflow

https://vuldb.com/?id.282497

X.org X Server Security Update Advisory (CVE-2024-9632)

ManageEngine (Exchange Reporter Plus, ADManager Plus, and others) Family November 2024 Security Update Advisory

Google Chrome Browser (130.0.6723.116/.117) Security Update Advisory

Tags:

ManageEngine (Exchange Reporter Plus, ADManager Plus, and others) Family November 2024 Security Update Advisory

Google Chrome Browser (130.0.6723.116/.117) Security Update Advisory