Headline
RHSA-2023:0664: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Synopsis
Important: tigervnc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.
Security Fix(es):
- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Fixes
- BZ - 2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
x86_64
tigervnc-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d0c56fbee04f7cf21ebab40ab3a545ea1990255e1006368bc5592d222b3d5d27
tigervnc-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: a459f960d4844851e9fb704d14836727797bd4ec469c8bdfa69c964dc4499f1c
tigervnc-debugsource-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 20101edcf71443f0079bc8480b50a2683a4b3d0e3544ed279e90514ccc2fa978
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: caee2baffb667dda36e8529289ca834f3f44d411c77722caaa150dbb36ab407f
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 62b3c701852acf46e9e71a31335244160117c5ca76ea64d7b4104cc24175594a
tigervnc-server-minimal-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d70ebb8e75249e55b99e6fc1be904a77d13a8353e72c48fdd3319b3346294813
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: aabe21011c4897c1cb6b714eb56d5bbc090be96ac5af6af639d38a652dffe757
tigervnc-server-module-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 4bb667f00124ddec1ed68dc865f892261abe9b35f22ea5ba6df605550dde588f
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 01a102fcba352d68f326b22e30e190584a98f65f28357c2d1b50aaf44e12fb58
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
x86_64
tigervnc-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d0c56fbee04f7cf21ebab40ab3a545ea1990255e1006368bc5592d222b3d5d27
tigervnc-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: a459f960d4844851e9fb704d14836727797bd4ec469c8bdfa69c964dc4499f1c
tigervnc-debugsource-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 20101edcf71443f0079bc8480b50a2683a4b3d0e3544ed279e90514ccc2fa978
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: caee2baffb667dda36e8529289ca834f3f44d411c77722caaa150dbb36ab407f
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 62b3c701852acf46e9e71a31335244160117c5ca76ea64d7b4104cc24175594a
tigervnc-server-minimal-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d70ebb8e75249e55b99e6fc1be904a77d13a8353e72c48fdd3319b3346294813
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: aabe21011c4897c1cb6b714eb56d5bbc090be96ac5af6af639d38a652dffe757
tigervnc-server-module-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 4bb667f00124ddec1ed68dc865f892261abe9b35f22ea5ba6df605550dde588f
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 01a102fcba352d68f326b22e30e190584a98f65f28357c2d1b50aaf44e12fb58
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
s390x
tigervnc-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: d481f56d84832309d3202c465ae2f8db87a244237329122fb4e4a2aff81cd1d9
tigervnc-debuginfo-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 13e761bab23803b9220a4dfdb9540d30b39b0a45ca585a6265ec04d0c460fc73
tigervnc-debugsource-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 9fbd79e909cb07fc486cdfc3e27cd82336440f6442627c4ba5b39fe9698d8c4f
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 2af88f5f721d832719e78c9696fe0b606261e24d56c8ebaf00fcf328f8cfdd52
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 6dfb1c16b2e8bcd7d438d3c013584c4a701ccd09bcd136dfb8a1d7f3559faf6a
tigervnc-server-minimal-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 3ce77fdb06bdf3360a1d8a20e0cb4635f59dbd4ea2ab2d84b64b91dce58e4330
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 13d10440449f31d536970807ec838a6bc3a1edc94692af95f6b83313295edba5
tigervnc-server-module-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: ad7839170833e8a3cc71e112bc98a0e5dcbc3843c373237ba5ae0c03c9158e70
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.s390x.rpm
SHA-256: 1526f5d738b3301b8b6ad3d2d394076fc7da1b52688bf8e9a478a21963fac16c
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
ppc64le
tigervnc-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 67ee2144c4ad9b5c7afede467bdff8527e72165d549f5edc7fe4799611a20801
tigervnc-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: d18dbaa651775c0bd4686efe8bb718fc38d5af1e8947bab612e71072f93fad28
tigervnc-debugsource-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 1144e8cfba40752dfa1b53491459e51f46fa666f60f127b0d4bcf55a3dd13b92
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 05f56aea83e9e6f313ccbc2251dfb6ead01fd7fbfef8fa2d86ef48b4befe403a
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 84e176faaf446ae230522ad1c97ab4157a0f6ca698a18e5cbfa4d0e7a19bf1b3
tigervnc-server-minimal-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 8468a1f4b08c30711ed42050e031b2ae95f41b91bc5312d57ca5701b44f3ea92
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: decc79302f25f4fe342baf550db7e35451da92e1e258127fcc1ddcf5b067e9e8
tigervnc-server-module-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: c926146c88d90a0912c523a2559c23c57ca947487aa54e4d47efbbf70935c3ae
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: e5c23fe738b0b67bb8e45e6412d381de3bb47d57636a17d387b9afc2e08c83f7
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
x86_64
tigervnc-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d0c56fbee04f7cf21ebab40ab3a545ea1990255e1006368bc5592d222b3d5d27
tigervnc-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: a459f960d4844851e9fb704d14836727797bd4ec469c8bdfa69c964dc4499f1c
tigervnc-debugsource-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 20101edcf71443f0079bc8480b50a2683a4b3d0e3544ed279e90514ccc2fa978
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: caee2baffb667dda36e8529289ca834f3f44d411c77722caaa150dbb36ab407f
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 62b3c701852acf46e9e71a31335244160117c5ca76ea64d7b4104cc24175594a
tigervnc-server-minimal-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d70ebb8e75249e55b99e6fc1be904a77d13a8353e72c48fdd3319b3346294813
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: aabe21011c4897c1cb6b714eb56d5bbc090be96ac5af6af639d38a652dffe757
tigervnc-server-module-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 4bb667f00124ddec1ed68dc865f892261abe9b35f22ea5ba6df605550dde588f
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 01a102fcba352d68f326b22e30e190584a98f65f28357c2d1b50aaf44e12fb58
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
aarch64
tigervnc-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 8fc298f7c9bf4dabfee460323813bed1a28687be4a15096454962efc36c3eee2
tigervnc-debuginfo-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 2b7afa25396e7546cecece875a595408d0d8f2f0747c0d12eb85ccc5fd06c1e6
tigervnc-debugsource-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 0e2a0a1994284c37aefaa30781717aa5b3f3f95058c68c8ef01daffeba87d040
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: a479ce801684df681024ba1992297996de7803dfd1fd5848afb3f647b3f19f83
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 0d551761eba1d29ea3f460ab6ec6c6e1490d79b4de6756a4a8f692c2086aa938
tigervnc-server-minimal-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 94de537f11b11c5a0049c1383360a02e3d5878bf6f5fab54b0c74a564ca1a58f
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 15cdc1f278a70186bd565d8aac5e9a92d855f7b577ebca31923dfb2d14ab43b6
tigervnc-server-module-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: 2ba3439ae9f34f8a1ad7652bebface09fa3834a169ccff3879bcecf79143f494
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.aarch64.rpm
SHA-256: a2a047297f4727c83bb9da73568d339bde1acabad3ef2f8ac441163289e81090
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
ppc64le
tigervnc-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 67ee2144c4ad9b5c7afede467bdff8527e72165d549f5edc7fe4799611a20801
tigervnc-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: d18dbaa651775c0bd4686efe8bb718fc38d5af1e8947bab612e71072f93fad28
tigervnc-debugsource-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 1144e8cfba40752dfa1b53491459e51f46fa666f60f127b0d4bcf55a3dd13b92
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 05f56aea83e9e6f313ccbc2251dfb6ead01fd7fbfef8fa2d86ef48b4befe403a
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 84e176faaf446ae230522ad1c97ab4157a0f6ca698a18e5cbfa4d0e7a19bf1b3
tigervnc-server-minimal-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: 8468a1f4b08c30711ed42050e031b2ae95f41b91bc5312d57ca5701b44f3ea92
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: decc79302f25f4fe342baf550db7e35451da92e1e258127fcc1ddcf5b067e9e8
tigervnc-server-module-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: c926146c88d90a0912c523a2559c23c57ca947487aa54e4d47efbbf70935c3ae
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.ppc64le.rpm
SHA-256: e5c23fe738b0b67bb8e45e6412d381de3bb47d57636a17d387b9afc2e08c83f7
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
tigervnc-1.11.0-8.el8_4.1.src.rpm
SHA-256: 5017b46b61681d04fbc47dad0224976379c4d4fd840633b6995fd0505773b21f
x86_64
tigervnc-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d0c56fbee04f7cf21ebab40ab3a545ea1990255e1006368bc5592d222b3d5d27
tigervnc-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: a459f960d4844851e9fb704d14836727797bd4ec469c8bdfa69c964dc4499f1c
tigervnc-debugsource-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 20101edcf71443f0079bc8480b50a2683a4b3d0e3544ed279e90514ccc2fa978
tigervnc-icons-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 5b7bb896c6b6c0c5b27e4151b93052539f805dd75f7eb115d3306ff646694716
tigervnc-license-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 018b33d47f9c99575ed6a09bbad0bffbfc410a02f3f71fdcb7d27a2b8a9620fc
tigervnc-selinux-1.11.0-8.el8_4.1.noarch.rpm
SHA-256: 779abc9e4dacbdec5089f7ba9e8bd2c9e9967e7168dca8fc7f7f2492e74bd519
tigervnc-server-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: caee2baffb667dda36e8529289ca834f3f44d411c77722caaa150dbb36ab407f
tigervnc-server-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 62b3c701852acf46e9e71a31335244160117c5ca76ea64d7b4104cc24175594a
tigervnc-server-minimal-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: d70ebb8e75249e55b99e6fc1be904a77d13a8353e72c48fdd3319b3346294813
tigervnc-server-minimal-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: aabe21011c4897c1cb6b714eb56d5bbc090be96ac5af6af639d38a652dffe757
tigervnc-server-module-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 4bb667f00124ddec1ed68dc865f892261abe9b35f22ea5ba6df605550dde588f
tigervnc-server-module-debuginfo-1.11.0-8.el8_4.1.x86_64.rpm
SHA-256: 01a102fcba352d68f326b22e30e190584a98f65f28357c2d1b50aaf44e12fb58
Related news
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Red Hat Security Advisory 2023-0671-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0675-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include a use-after-free vulnerability.
An update for tigervnc and xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code exec...
Red Hat Security Advisory 2023-0663-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0664-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0665-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0662-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0623-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read ...
An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...
An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forw...
Debian Linux Security Advisory 5342-1 - Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...
An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forw...