CVE-2024-0408

Summary

CVE-2024-0408 is a newly identified vulnerability in the X.Org server. This issue lies in the GLX PBuffer code, which fails to invoke the XACE hook during buffer creation. As a result, the buffer remains unlabeled, leading to unexpected crashes. Specifically, when a client attempts to access a resource related to the unlabeled buffer, such as obtaining its geometry or creating a graphics context (GC), the XSELINUX code tries to utilize an uninitialized object, causing it to fail due to a NULL SID.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.