Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1598: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
Red Hat Security Data
#vulnerability#mac#linux#red_hat#ibm#sap

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2180288 - CVE-2023-1393 xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

x86_64

tigervnc-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 5dcbb5ed82c9c66ccea1bd26d86c5ef92b58a6be9c7daa101ef40a624e420df3

tigervnc-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: b16a6937b4065cc3b9a78df8768ece1c5ab0258d04e899c618bd5e5bf2cd95af

tigervnc-debugsource-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: fd0e8619f48a07c24d9090e843f88c6482f37259fcb2584601741af13e12dd9a

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 96ae64edb274afe72fd9296cca14852f7293fd7b4d8b05162f09f1fdf4e75d38

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 6f2327a20b485c94015b54b6f422d7de311fa2452c985f9a949ae129b934855b

tigervnc-server-minimal-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 08b60fd237bc421ac6a56bfdebff8f496e4d336b1f530de57c3c7e461254202a

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: ac64d51f016eb21135dfee445ab2c326a3705714b51275dcea70f88118c0ff3b

tigervnc-server-module-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: d7960b2e99c533b60dc4825537b14ec9935fc02ab5a2973706091b50b913fca0

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 3e3b76bb66dd9f1a59989fc9467992788ef67f85a2b74badf0ed75f8eea52443

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

x86_64

tigervnc-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 5dcbb5ed82c9c66ccea1bd26d86c5ef92b58a6be9c7daa101ef40a624e420df3

tigervnc-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: b16a6937b4065cc3b9a78df8768ece1c5ab0258d04e899c618bd5e5bf2cd95af

tigervnc-debugsource-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: fd0e8619f48a07c24d9090e843f88c6482f37259fcb2584601741af13e12dd9a

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 96ae64edb274afe72fd9296cca14852f7293fd7b4d8b05162f09f1fdf4e75d38

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 6f2327a20b485c94015b54b6f422d7de311fa2452c985f9a949ae129b934855b

tigervnc-server-minimal-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 08b60fd237bc421ac6a56bfdebff8f496e4d336b1f530de57c3c7e461254202a

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: ac64d51f016eb21135dfee445ab2c326a3705714b51275dcea70f88118c0ff3b

tigervnc-server-module-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: d7960b2e99c533b60dc4825537b14ec9935fc02ab5a2973706091b50b913fca0

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 3e3b76bb66dd9f1a59989fc9467992788ef67f85a2b74badf0ed75f8eea52443

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

s390x

tigervnc-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 63597968e8e7133a1f375ea52dde9d851d184dff9f8ebb5486de306b16df9b1a

tigervnc-debuginfo-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 625b32dbc53efa1e266a4715fb84ae4453361ce1b530f543d9248f5d7ca29d26

tigervnc-debugsource-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 79510aa3bc120d33e189294680f9a7eb40a4e7b2321860c12323e2edc553a7a8

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: c4369e128bec5856cf0965d92d127d40eef158cfa8e5782759964afb43ec16bc

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: ffa0fc3f5969c72cb3102c0a6296bfe033c8bb6a10ace97cd97f2e75a51049bd

tigervnc-server-minimal-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 54989587b2a58533807beed202e0725b6b54b5b9901aa7965e77f9f4cd6856e8

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 9f29833436098f417b71a26fed85d4bc557481e65f24e7e689ef07cc87740c7a

tigervnc-server-module-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 33cb0491eed3806999b9ca0be66dc2903c63cdb6c8be7f4f17a5d5269d2a0eeb

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.s390x.rpm

SHA-256: 9048e9d6582e4caf125035ccddf85374602edb60c0ea8e2af5072f45b005d1f7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

ppc64le

tigervnc-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: bd5b134cd76f2b2cb8c3607ccd56071e239315790447997ed8a6f538b6094e91

tigervnc-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: c8e33b4c3434dca1647393c840ebb5e553be05b526d3eb3f131ee5fab957dee0

tigervnc-debugsource-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: ff6614869874733f766b5e32de10b8db275f8716eeb6a7110fb9241eb5649f97

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 70ae2e9776e416bfa83b2ae2fc978ff29e27d51f2e5b617e630aaee486d63ae2

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 5d248bb4afdf47b59c419921f59414d47210ebd42b4f5e743ed238901d8258c8

tigervnc-server-minimal-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 2051a675567319817379f6a0035e0b4572ebc220ece80cd271c9dea3bbccd56d

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 78d70e215246fc1a921a2e005c981ecb7ee85f0f926776eb22fb92c3f8e1e749

tigervnc-server-module-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 138eb37ec2f152efd85dcecc033b2d68772c14dbe2b276e2b1e936cb5db4714e

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: f686eddd14d41df62212e9d8ea4929d17541348393f8b305f860e7e56f53ad3b

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

x86_64

tigervnc-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 5dcbb5ed82c9c66ccea1bd26d86c5ef92b58a6be9c7daa101ef40a624e420df3

tigervnc-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: b16a6937b4065cc3b9a78df8768ece1c5ab0258d04e899c618bd5e5bf2cd95af

tigervnc-debugsource-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: fd0e8619f48a07c24d9090e843f88c6482f37259fcb2584601741af13e12dd9a

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 96ae64edb274afe72fd9296cca14852f7293fd7b4d8b05162f09f1fdf4e75d38

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 6f2327a20b485c94015b54b6f422d7de311fa2452c985f9a949ae129b934855b

tigervnc-server-minimal-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 08b60fd237bc421ac6a56bfdebff8f496e4d336b1f530de57c3c7e461254202a

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: ac64d51f016eb21135dfee445ab2c326a3705714b51275dcea70f88118c0ff3b

tigervnc-server-module-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: d7960b2e99c533b60dc4825537b14ec9935fc02ab5a2973706091b50b913fca0

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 3e3b76bb66dd9f1a59989fc9467992788ef67f85a2b74badf0ed75f8eea52443

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

aarch64

tigervnc-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: c70eefeb38ecf3dab42c8ec14e62484c11bb9fc9c935c786f4359368b3bf4966

tigervnc-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: 753f76bb2dcf41a0eadb6611a9dae8b683842771fe06cb3f16b7f1c0d1228699

tigervnc-debugsource-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: c3ec83edd175a7c2cbd39ed47b0f2b260bca815701448fdcdc18c3bc9a284160

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: d77659698d1c1e9ecf7e35cd2196dd6d50ef2b876e302d5deead28ae330fff08

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: 8829017e0ee75aedb33ca6cbf2c53f7ee02788c2a2593bb51a04eb3ae5df130b

tigervnc-server-minimal-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: 60e4ffc6f955f0c9ab908aa578f077704f50771f1721c51ff593044d942e89b5

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: 1822127de7d28e0d13a92e6d17eaa6addddd2829e9f8fb7c6ccbdadc149a5f15

tigervnc-server-module-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: b964488d6075ef0f206bb2aa77130669787abd219c06cb8289e068e619f6f717

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm

SHA-256: c750111ac7c864c94f673684e996273f4e3c81cb0c654039a95996875dbcf615

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

ppc64le

tigervnc-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: bd5b134cd76f2b2cb8c3607ccd56071e239315790447997ed8a6f538b6094e91

tigervnc-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: c8e33b4c3434dca1647393c840ebb5e553be05b526d3eb3f131ee5fab957dee0

tigervnc-debugsource-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: ff6614869874733f766b5e32de10b8db275f8716eeb6a7110fb9241eb5649f97

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 70ae2e9776e416bfa83b2ae2fc978ff29e27d51f2e5b617e630aaee486d63ae2

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 5d248bb4afdf47b59c419921f59414d47210ebd42b4f5e743ed238901d8258c8

tigervnc-server-minimal-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 2051a675567319817379f6a0035e0b4572ebc220ece80cd271c9dea3bbccd56d

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 78d70e215246fc1a921a2e005c981ecb7ee85f0f926776eb22fb92c3f8e1e749

tigervnc-server-module-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: 138eb37ec2f152efd85dcecc033b2d68772c14dbe2b276e2b1e936cb5db4714e

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

SHA-256: f686eddd14d41df62212e9d8ea4929d17541348393f8b305f860e7e56f53ad3b

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

tigervnc-1.12.0-6.el8_6.3.src.rpm

SHA-256: 939e876db3ad1c4b8b55d5950927128f7b1a13d6183144e6cef95c8a28f9d12b

x86_64

tigervnc-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 5dcbb5ed82c9c66ccea1bd26d86c5ef92b58a6be9c7daa101ef40a624e420df3

tigervnc-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: b16a6937b4065cc3b9a78df8768ece1c5ab0258d04e899c618bd5e5bf2cd95af

tigervnc-debugsource-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: fd0e8619f48a07c24d9090e843f88c6482f37259fcb2584601741af13e12dd9a

tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: e6154d244042ee7aa1d66d54a57c304b7da8d22ed0a464a9e2b8365173cae0d3

tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 52bea243e9b93d3212b71ca513912cd3368189dd9c794e3826ac39b6195d83eb

tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

SHA-256: 69b2e35c60a5aced70045713ca282d6da6ee239797ef6d5063fa2799cad53cd9

tigervnc-server-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 96ae64edb274afe72fd9296cca14852f7293fd7b4d8b05162f09f1fdf4e75d38

tigervnc-server-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 6f2327a20b485c94015b54b6f422d7de311fa2452c985f9a949ae129b934855b

tigervnc-server-minimal-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 08b60fd237bc421ac6a56bfdebff8f496e4d336b1f530de57c3c7e461254202a

tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: ac64d51f016eb21135dfee445ab2c326a3705714b51275dcea70f88118c0ff3b

tigervnc-server-module-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: d7960b2e99c533b60dc4825537b14ec9935fc02ab5a2973706091b50b913fca0

tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

SHA-256: 3e3b76bb66dd9f1a59989fc9467992788ef67f85a2b74badf0ed75f8eea52443

Related news

Red Hat Security Advisory 2023-1549-01

Red Hat Security Advisory 2023-1549-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-1600-01

Red Hat Security Advisory 2023-1600-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-1594-01

Red Hat Security Advisory 2023-1594-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:1594: Red Hat Security Advisory: tigervnc and xorg-x11-server security update

An update for tigervnc and xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1599: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1600: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1592: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1551: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1548: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

RHSA-2023:1549: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserve...

CVE-2023-1393: security - Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Ubuntu Security Notice USN-5986-1

Ubuntu Security Notice 5986-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Debian Security Advisory 5380-1

Debian Linux Security Advisory 5380-1 - Jan-Niklas Sohn discovered that a user-after-free flaw in the Composite extension of the X.org X server may result in privilege escalation if the X server is running under the root user.