/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-21885

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-21885

CGA ID

CGA-rxp5-26h3-72r4

Severity

Unknown

Description

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs