PT-2024-2942 · Unknown+5 · Xorg-Server+5

Alan Coopersmith · Published 2024-03-04 · Updated 2024-11-13 · CVE-2024-31082

CVSS v3.1: 7.3 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Name of the Vulnerable Software and Affected Versions: Xorg-server (affected versions not specified)
Description: A heap-based buffer over-read was found in the X.org server's ProcAppleDRICreatePixmap() function. When the requesting client has a different endianness from the server, the function byte-swaps the length fields of its reply in place and then uses the swapped values to decide how many bytes to send back. Those fields are 32-bit integers holding small values, and swapping turns a small value into a very large one (a length of 8 becomes 0x08000000), so the server copies heap memory into the reply until it reaches an unmapped page and crashes with a segmentation fault. The attacker cannot choose which memory is copied, but receives whatever lies beyond the reply buffer on the heap, which discloses server memory contents and causes a denial of service; per the CVSS vector above the confidentiality and availability impacts are rated high and the integrity impact low.
Recommendations: This entry records no fixed version. Upstream fixed the issue in xorg-server 21.1.12 (X.Org security advisory of 2024-04-03), and the distribution advisories listed under Related Identifiers below (USN-6721-1/2, the SUSE and openSUSE updates, and the ALT, ROSA and openEuler advisories) ship patched packages. Note that ProcAppleDRICreatePixmap() belongs to the XQuartz (macOS) server code under hw/xquartz, which Linux builds of the server do not compile, so practical exposure on the Linux products listed below is limited even though their packages carry the upstream patch.
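The length-handling mistake described above, shown as a small C model (an added example, not X.Org code; it does not reproduce the real ProcAppleDRICreatePixmap(). The X protocol's 32-bit reply length convention is real, but DemoReply, write_to_client(), vulnerable_send(), fixed_send(), bytes_over_read() and the sample path are constructed for this demo). The vulnerable variant swaps the reply in place and then reuses the swapped count; the fixed variant keeps the host-order count before swapping, which is the shape of the upstream correction:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Just the reply fields the bug touches, kept in host byte order until the
   reply is swapped for a client of the opposite endianness. Constructed
   for this demo; not the real xAppleDRICreatePixmapReply. */
typedef struct {
    uint16_t sequenceNumber;
    uint32_t length;        /* reply body after the header, in 4-byte units */
    uint32_t stringLength;  /* bytes of the path string that follows the reply */
} DemoReply;

static uint16_t swap16(uint16_t v) { return (uint16_t)((v >> 8) | (v << 8)); }

/* Byte-swap a 32-bit value; a small host-order count lands in the top byte. */
uint32_t swap32(uint32_t v) {
    return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}

/* Stand-in for WriteToClient(): the real one reads n bytes from src with no
   bound, which is the over-read. This model reads only what exists (the
   NUL-terminated path) so the demo itself stays memory safe, and returns the
   number of bytes the caller asked for. */
static size_t write_to_client(const char *src, size_t n) {
    char sink[128];
    size_t have = strlen(src) + 1;
    size_t copy = n < have ? n : have;
    if (copy > sizeof sink) copy = sizeof sink;
    memcpy(sink, src, copy);
    return n;
}

/* Vulnerable pattern: swap the header fields in place, then reuse the
   swapped stringLength as the number of bytes to send. */
size_t vulnerable_send(const char *path, int client_swapped) {
    DemoReply rep;
    memset(&rep, 0, sizeof rep);
    rep.stringLength = (uint32_t)(strlen(path) + 1);
    rep.length = (rep.stringLength + 3) / 4;
    if (client_swapped) {
        rep.sequenceNumber = swap16(rep.sequenceNumber);
        rep.length = swap32(rep.length);
        rep.stringLength = swap32(rep.stringLength);
    }
    /* BUG: stringLength is now in the client's byte order, not the server's. */
    return write_to_client(path, rep.stringLength);
}

/* Fixed pattern: capture the host-order count before swapping and send that. */
size_t fixed_send(const char *path, int client_swapped) {
    DemoReply rep;
    memset(&rep, 0, sizeof rep);
    rep.stringLength = (uint32_t)(strlen(path) + 1);
    rep.length = (rep.stringLength + 3) / 4;
    size_t string_bytes = rep.stringLength;   /* saved before the swap */
    if (client_swapped) {
        rep.sequenceNumber = swap16(rep.sequenceNumber);
        rep.length = swap32(rep.length);
        rep.stringLength = swap32(rep.stringLength);
    }
    return write_to_client(path, string_bytes);
}

/* How far past the real data a request of 'requested' bytes would read. */
size_t bytes_over_read(size_t requested, size_t available) {
    return requested > available ? requested - available : 0;
}

int main(void) {
    static const char path[] = "/tmp/demo-pixmap";   /* constructed sample */
    size_t have = sizeof path;                         /* 17 bytes incl. NUL */
    size_t n;

    n = vulnerable_send(path, 0);
    printf("same endianness, vulnerable: sends %zu bytes, over-read %zu\n",
           n, bytes_over_read(n, have));
    n = vulnerable_send(path, 1);
    printf("swapped client,  vulnerable: sends %zu bytes (0x%zx), over-read %zu\n",
           n, n, bytes_over_read(n, have));
    n = fixed_send(path, 1);
    printf("swapped client,  fixed     : sends %zu bytes, over-read %zu\n",
           n, bytes_over_read(n, have));
    return 0;
}
```

With a 17-byte path the swapped count becomes 0x11000000 (about 285 MB), which is why the real server keeps reading until it hits an unmapped page. When auditing similar request handlers, look for any reply field that is swapped in place and then read again afterwards; the safe order is to finish every computation on host-order values, swap last, and never read a swapped field back.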

Weakness Enumeration: Buffer Over-read (CWE-126)

Related Identifiers

ALT-PU-2024-5110
ALT-PU-2024-7023
AZL-39112
AZL-45393
BDU:2024-03109
CVE-2024-31082
OESA-2024-1416
OPENSUSE-SU-2024:13828-1
OPENSUSE-SU-2024_1262-1
ROSA-SA-2024-2482
ROSA-SA-2024-2483
SUSE-SU-2024:1199-1
SUSE-SU-2024:1260-1
SUSE-SU-2024:1261-1
SUSE-SU-2024:1262-1
USN-6721-1
USN-6721-2

Affected Products

ALT Linux
Linux Mint
RED OS
SUSE
Ubuntu
Xorg-Server