{"api_version":"1","generated_at":"2026-04-23T02:57:08+00:00","cve":"CVE-2017-2624","urls":{"html":"https://cve.report/CVE-2017-2624","api":"https://cve.report/api/cve/CVE-2017-2624.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-2624","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-2624"},"summary":{"title":"CVE-2017-2624","description":"It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2018-07-27 18:29:00","updated_at":"2019-10-09 23:26:00"},"problem_types":["CWE-200"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/96480","name":"96480","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"X.org X Server Local Multiple Security Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id/1037919","name":"1037919","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"X Multiple Flaws Let Local Users Conduct Timing and Key Guessing Attacks Obtain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/","name":"https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"Advisory X41-2017-001: Multiple Vulnerabilities in X.org - X41 D-SEC GmbH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c","name":"https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624 (d7ac755f) · Commits · xorg / xserver · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html","name":"[debian-lts-announce] 20171122 [SECURITY] [DLA 1186-1] xorg-server security update","refsource":"MLIST","tags":["Third Party Advisory"],"title":"[SECURITY] [DLA 1186-1] xorg-server security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/201704-03","name":"GLSA-201704-03","refsource":"GENTOO","tags":["Third Party Advisory"],"title":"X.Org: Multiple vulnerabilities (GLSA 201704-03) — Gentoo Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/201710-30","name":"GLSA-201710-30","refsource":"GENTOO","tags":["Third Party Advisory"],"title":"X.Org Server: Multiple vulnerabilities (GLSA 201710-30) — Gentoo Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624","refsource":"CONFIRM","tags":["Exploit","Issue Tracking","Third Party Advisory"],"title":"1424984 – (CVE-2017-2624) CVE-2017-2624 xorg-x11-server: timing attack against MIT Cookie","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-2624","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2624","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"2624","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"2624","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"2624","vulnerable":"1","versionEndIncluding":"1.19.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"x.org","cpe5":"xorg-server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2017-2624","qid":"710339","title":"Gentoo Linux X.Org Multiple Vulnerabilities (GLSA 201704-03)"},{"cve":"CVE-2017-2624","qid":"710562","title":"Gentoo Linux X.Org Server Multiple Vulnerabilities (GLSA 201710-30)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2017-2624","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-385","cweId":"CWE-385"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Xorg","product":{"product_data":[{"product_name":"xorg-x11-server","version":{"version_data":[{"version_affected":"=","version_value":"1.19.0"}]}}]}}]}},"references":{"reference_data":[{"url":"http://www.securityfocus.com/bid/96480","refsource":"MISC","name":"http://www.securityfocus.com/bid/96480"},{"url":"http://www.securitytracker.com/id/1037919","refsource":"MISC","name":"http://www.securitytracker.com/id/1037919"},{"url":"https://security.gentoo.org/glsa/201704-03","refsource":"MISC","name":"https://security.gentoo.org/glsa/201704-03"},{"url":"https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/","refsource":"MISC","name":"https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/"},{"url":"https://security.gentoo.org/glsa/201710-30","refsource":"MISC","name":"https://security.gentoo.org/glsa/201710-30"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2624"},{"url":"https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c","refsource":"MISC","name":"https://gitlab.freedesktop.org/xorg/xserver/commit/d7ac755f0b618eb1259d93c8a16ec6e39a18627c"},{"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2017/11/msg00032.html"}]},"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","version":"3.0"}]}},"nvd":{"publishedDate":"2018-07-27 18:29:00","lastModifiedDate":"2019-10-09 23:26:00","problem_types":["CWE-200"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"},"exploitabilityScore":1,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":1.9},"severity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*","versionEndIncluding":"1.19.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"2624","Ordinal":"98763","Title":"CVE-2017-2624","CVE":"CVE-2017-2624","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"2624","Ordinal":"1","NoteData":"It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"2624","Ordinal":"2","NoteData":"2018-07-27","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"2624","Ordinal":"3","NoteData":"2018-08-03","Type":"Other","Title":"Modified"}]}}}