Red Hat Security Advisory: xorg-x11-server-Xwayland security update
Multiple vulnerabilities have been identified in the xorg-x11-server-Xwayland component of Red Hat Enterprise Linux 9. These include heap buffer overread and data leakage issues in ProcXIGetSelectedEvents (CVE-2024-31080) and ProcXIPassiveGrabDevice (CVE-2024-31081), as well as a use-after-free vulnerability in ProcRenderAddGlyphs (CVE-2024-31083). Red Hat has issued a security update to address these issues with a moderate severity rating.
AI Analysis
Technical Summary
The Red Hat xorg-x11-server-Xwayland package for Red Hat Enterprise Linux 9 contains three security vulnerabilities: two heap buffer overread/data leakage flaws in the ProcXIGetSelectedEvents and ProcXIPassiveGrabDevice functions, and a use-after-free vulnerability in ProcRenderAddGlyphs. These issues could potentially lead to data leakage or memory corruption. Red Hat has released a security advisory (RHSA-2024:9093) providing updates to mitigate these vulnerabilities. The advisory covers multiple Red Hat Enterprise Linux 9 variants and architectures.
Potential Impact
The vulnerabilities could allow an attacker to cause data leakage through heap buffer overreads or trigger use-after-free conditions, potentially leading to memory corruption. The overall security impact is rated as moderate by Red Hat Product Security. There are no known exploits in the wild at this time.
Mitigation Recommendations
Red Hat has released official security updates for xorg-x11-server-Xwayland in Red Hat Enterprise Linux 9 to address these vulnerabilities. Users should apply the updates as described in the Red Hat advisory RHSA-2024:9093 and the linked update instructions at https://access.redhat.com/articles/11258. No additional mitigation steps are indicated beyond applying the official patches.
Technical Details
- GCVE Source: db.gcve.eu
- CSAF Category: csaf_security_advisory
- CSAF Version: 2.0
- Publisher: Red Hat Product Security
- Advisory ID: RHSA-2024:9093
- CVE Count: 3
- Additional CVEs: ["CVE-2024-31081","CVE-2024-31083"]
- CVSS Version: null
Threat ID: 6a3da1ec4853345fc1830943
Added to database: 06/25/2026, 21:47:24 UTC
Last enriched: 06/25/2026, 22:40:27 UTC
Last updated: 07/02/2026, 20:51:13 UTC