Launchpad.net

CVE 2024-21886

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.

Related bugs and status

CVE-2024-21886 (Candidate) is related to these bugs:

Bug #2051536: security update regression tracking bug

		In	Importance	Status
2051536	security update regression tracking bug	xorg-server (Ubuntu)	Undecided	Fix Released
2051536	security update regression tracking bug	xorg-server (Ubuntu Jammy)	Undecided	Fix Released
2051536	security update regression tracking bug	xorg-server (Ubuntu Mantic)	Undecided	Fix Released
2051536	security update regression tracking bug	xorg-server (Ubuntu Focal)	Undecided	Fix Released
2051536	security update regression tracking bug	xorg-server (Ubuntu Noble)	Undecided	Fix Released
2051536	security update regression tracking bug	xwayland (Ubuntu)	Undecided	Fix Released
2051536	security update regression tracking bug	xwayland (Ubuntu Focal)	Undecided	Invalid
2051536	security update regression tracking bug	xwayland (Ubuntu Jammy)	Undecided	Fix Released
2051536	security update regression tracking bug	xwayland (Ubuntu Mantic)	Undecided	Fix Released
2051536	security update regression tracking bug	xwayland (Ubuntu Noble)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2024-21886

Related bugs and status

Related bugs

References