CVE-2024-31083

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-31083
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
CVSS

No CVSS.

References
Link Resource
http://www.openwall.com/lists/oss-security/2024/04/03/13
http://www.openwall.com/lists/oss-security/2024/04/12/10
https://access.redhat.com/errata/RHSA-2024:1785
https://access.redhat.com/errata/RHSA-2024:1785
https://access.redhat.com/errata/RHSA-2024:2036
https://access.redhat.com/errata/RHSA-2024:2036
https://access.redhat.com/errata/RHSA-2024:2037
https://access.redhat.com/errata/RHSA-2024:2037
https://access.redhat.com/errata/RHSA-2024:2038
https://access.redhat.com/errata/RHSA-2024:2038
https://access.redhat.com/errata/RHSA-2024:2039
https://access.redhat.com/errata/RHSA-2024:2039
https://access.redhat.com/errata/RHSA-2024:2040
https://access.redhat.com/errata/RHSA-2024:2040
https://access.redhat.com/errata/RHSA-2024:2041
https://access.redhat.com/errata/RHSA-2024:2041
https://access.redhat.com/errata/RHSA-2024:2042
https://access.redhat.com/errata/RHSA-2024:2042
https://access.redhat.com/errata/RHSA-2024:2080
https://access.redhat.com/errata/RHSA-2024:2080
https://access.redhat.com/errata/RHSA-2024:2616
https://access.redhat.com/errata/RHSA-2024:2616
https://access.redhat.com/errata/RHSA-2024:3258
https://access.redhat.com/errata/RHSA-2024:3258
https://access.redhat.com/errata/RHSA-2024:3261
https://access.redhat.com/errata/RHSA-2024:3261
https://access.redhat.com/errata/RHSA-2024:3343
https://access.redhat.com/errata/RHSA-2024:3343
https://access.redhat.com/errata/RHSA-2024:9093
https://access.redhat.com/errata/RHSA-2024:9122
https://access.redhat.com/errata/RHSA-2025:12751
https://access.redhat.com/security/cve/CVE-2024-31083
https://access.redhat.com/security/cve/CVE-2024-31083
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/
Configurations

No configuration.

History

04 Aug 2025, 21:15

Type Values Removed Values Added
CWE CWE-416
References
  • () http://www.openwall.com/lists/oss-security/2024/04/03/13 -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/ -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/10 -
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/ -
  • () https://access.redhat.com/errata/RHSA-2025:12751 -

12 Nov 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:9093 -
  • () https://access.redhat.com/errata/RHSA-2024:9122 -

16 Sep 2024, 19:16

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/', 'name': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/', 'tags': [], 'refsource': ''}
  • {'url': 'https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html', 'name': 'https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html', 'tags': [], 'refsource': ''}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/', 'name': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/', 'tags': [], 'refsource': ''}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/03/13', 'name': 'http://www.openwall.com/lists/oss-security/2024/04/03/13', 'tags': [], 'refsource': ''}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/12/10', 'name': 'http://www.openwall.com/lists/oss-security/2024/04/12/10', 'tags': [], 'refsource': ''}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/', 'name': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/', 'tags': [], 'refsource': ''}

24 May 2024, 00:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:3343 -

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:3261 -
  • () https://access.redhat.com/errata/RHSA-2024:3258 -

01 May 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/12/10 -

01 May 2024, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/03/13 -

30 Apr 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2616 -

29 Apr 2024, 19:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2080 -

25 Apr 2024, 18:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2041 -
  • () https://access.redhat.com/errata/RHSA-2024:2037 -
  • () https://access.redhat.com/errata/RHSA-2024:2038 -
  • () https://access.redhat.com/errata/RHSA-2024:2040 -
  • () https://access.redhat.com/errata/RHSA-2024:2039 -
  • () https://access.redhat.com/errata/RHSA-2024:2042 -
  • () https://access.redhat.com/errata/RHSA-2024:2036 -

24 Apr 2024, 02:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/ -

19 Apr 2024, 23:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/ -

15 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html -

11 Apr 2024, 23:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1785 -

05 Apr 2024, 12:40

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-05 12:15

Updated : 2025-08-04 21:15

NVD link : CVE-2024-31083

Mitre link : CVE-2024-31083

JSON object : View

Products Affected

No product.

CWE

No CWE.