Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2806: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service.
  • CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKbdByName function in xkb/xkb.c does not release allocated data when an error is encountered, allowing for a memory leak.
  • CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
  • CVE-2022-46340: A vulnerability was found in X.Org. The issue occurs due to the swap handler for the XTestFakeInput request of the XTest extension, possibly corrupting the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where the client and server use the same byte order.
  • CVE-2022-46341: A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
  • CVE-2022-46342: A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
  • CVE-2022-46343: A vulnerability was found in X.Org. This issue occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This flaw can lead to local privileges elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
  • CVE-2022-46344: A vulnerability was found in X.Org. The issue occurs because the handler for the XIChangeProperty request has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
  • CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat#dos#rce#buffer_overflow#ssh#ibm

Synopsis

Moderate: xorg-x11-server security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Security Fix(es):

  • xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c (CVE-2022-3550)
  • xorg-x11-server: XkbGetKbdByName use-after-free (CVE-2022-4283)
  • xorg-x11-server: XTestSwapFakeInput stack overflow (CVE-2022-46340)
  • xorg-x11-server: XIPassiveUngrab out-of-bounds access (CVE-2022-46341)
  • xorg-x11-server: XvdiSelectVideoNotify use-after-free (CVE-2022-46342)
  • xorg-x11-server: ScreenSaverSetAttributes use-after-free (CVE-2022-46343)
  • xorg-x11-server: XIChangeProperty out-of-bounds access (CVE-2022-46344)
  • xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494)
  • xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c (CVE-2022-3551)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2140698 - CVE-2022-3550 xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c
  • BZ - 2140701 - CVE-2022-3551 xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c
  • BZ - 2151755 - CVE-2022-46340 xorg-x11-server: XTestSwapFakeInput stack overflow
  • BZ - 2151756 - CVE-2022-46341 xorg-x11-server: XIPassiveUngrab out-of-bounds access
  • BZ - 2151757 - CVE-2022-46342 xorg-x11-server: XvdiSelectVideoNotify use-after-free
  • BZ - 2151758 - CVE-2022-46343 xorg-x11-server: ScreenSaverSetAttributes use-after-free
  • BZ - 2151760 - CVE-2022-46344 xorg-x11-server: XIChangeProperty out-of-bounds access
  • BZ - 2151761 - CVE-2022-4283 xorg-x11-server: XkbGetKbdByName use-after-free
  • BZ - 2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
  • BZ - 2169522 - xvfb-run "-l" or “–listen-tcp” option does not work

CVEs

  • CVE-2022-3550
  • CVE-2022-3551
  • CVE-2022-4283
  • CVE-2022-46340
  • CVE-2022-46341
  • CVE-2022-46342
  • CVE-2022-46343
  • CVE-2022-46344
  • CVE-2023-0494

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

xorg-x11-server-1.20.11-15.el8.src.rpm

SHA-256: 41300ab099b014faf067b786577aa670d0b0e214ea7493710d9ba941f899759c

x86_64

xorg-x11-server-Xdmx-1.20.11-15.el8.x86_64.rpm

SHA-256: 6088a72f7a682097d7c884e76c5da2307fda82baa45a04adba4272d702bcec21

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 04731f8316376e050acd23b0583ac25e545282d4bbcb6250528084fbce2579a3

xorg-x11-server-Xephyr-1.20.11-15.el8.x86_64.rpm

SHA-256: ee67b7da79b38191994235c78386f42885a906a8e75f7b24c8de61a4e1664acb

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: fcfdc2bcb14fc2d8bf6b399f294c3a3f86881db7c0100c9c1413689bc78823ff

xorg-x11-server-Xnest-1.20.11-15.el8.x86_64.rpm

SHA-256: c84c1e79f6024b3d1d36b32208a95592606bc6da9bf02af24825e9106a758ed9

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 81f85f561a24da8ec58eaf581e1cdc8b449897d200f037f418eca5ce9d2f5438

xorg-x11-server-Xorg-1.20.11-15.el8.x86_64.rpm

SHA-256: e434db27935f781579a561fee51b8f831f6ce88381dcfc4365c7b6e3bc46835a

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: fb128b6417a648a224158fcd3822a7822b6c0d1cbf3068b93334866c1bd05557

xorg-x11-server-Xvfb-1.20.11-15.el8.x86_64.rpm

SHA-256: c46d52ed542c3d4663972143c3cabca028bfbb6648be8b5eea618082a2c9d708

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 84f8220c83a01ed5b43d80dff6a43916301cf9d3c0d54ca72b7a5a2468f905a4

xorg-x11-server-common-1.20.11-15.el8.x86_64.rpm

SHA-256: 3f0efc7cab321508af09c3f0cb3a1fdeb1e560a443b9f64ad421fca894e3d3b7

xorg-x11-server-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 1f31229ef578835075a0d14c2885dd6363b52d35291bb3bb4d510f06baffff19

xorg-x11-server-debugsource-1.20.11-15.el8.x86_64.rpm

SHA-256: d2fadd0a0c925f83dbf7ef8fc6c92c66e6fee0e1693e48cc38ebdbe84d6575b3

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

xorg-x11-server-1.20.11-15.el8.src.rpm

SHA-256: 41300ab099b014faf067b786577aa670d0b0e214ea7493710d9ba941f899759c

s390x

xorg-x11-server-Xdmx-1.20.11-15.el8.s390x.rpm

SHA-256: 2f16427f506a9bc0021a46c509fbf2e96638837015efd09ed4e6fa2f623c426b

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 587154b1e8728896d905b58ba058fd3fe6e50fd0b150750cb905e40ce8f28e8d

xorg-x11-server-Xephyr-1.20.11-15.el8.s390x.rpm

SHA-256: ad8fccf224210d2805eb037391de0936864094303444dc42f2c2b930ebe621a5

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 207d7aeacc49297b16b7e63fad6609d8645dcc2a0dabb825620833d8be490302

xorg-x11-server-Xnest-1.20.11-15.el8.s390x.rpm

SHA-256: eb02c03afd1b719341ec2d4b2983b42b27f6cd49cb15f12969e2032d694afe25

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: f48f89b4f675605ced2aa807e45e3c472f1b90841145d03df739f4848bcd59ed

xorg-x11-server-Xorg-1.20.11-15.el8.s390x.rpm

SHA-256: d02ea253919628b0c0290ecf95cea276166707b384432b680bb556108821bcee

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: a89496f3364498e24f34aaa9c35a8461e0e4d1de9d73e3ce4ff0969a3992b507

xorg-x11-server-Xvfb-1.20.11-15.el8.s390x.rpm

SHA-256: 0953972e80babb3dfb57279870130c88fab62e852ef778739cd9fbe91909a7f4

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 6cace2f95de26ca5a1661d0cdf6eefcb2ea00f3db5ccbb8df504d35dc4e6d6e0

xorg-x11-server-common-1.20.11-15.el8.s390x.rpm

SHA-256: 717b112704fb0b98a4a9e8143d95c5c7d751ed7f12443a2fa1d94e4bc28aa9d6

xorg-x11-server-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 4ef26badb3fba6746143458e28dce85ebc393a7536d9296b62a77bbd310ca450

xorg-x11-server-debugsource-1.20.11-15.el8.s390x.rpm

SHA-256: 0902db3afe934b69dfcd72d2ac6d7516ba4bfa52e989394cecd85289f5a67f5f

Red Hat Enterprise Linux for Power, little endian 8

SRPM

xorg-x11-server-1.20.11-15.el8.src.rpm

SHA-256: 41300ab099b014faf067b786577aa670d0b0e214ea7493710d9ba941f899759c

ppc64le

xorg-x11-server-Xdmx-1.20.11-15.el8.ppc64le.rpm

SHA-256: 03c371954259e8580a926fd03a72125701c5b37dd0cc2c7fcca7d49fa5f0a0e4

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 1b30d22a93169620c44d94402def8785eab116af6e3ef844da73de175966e591

xorg-x11-server-Xephyr-1.20.11-15.el8.ppc64le.rpm

SHA-256: 7377c628be0e5e60a807a18cc6cf88dc938cecb6f76e97e37c741bc0178919e8

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 7eb461cd153e54177f4c7c00344da8f8c8bf68fdfd9b30878659b9f76912b02d

xorg-x11-server-Xnest-1.20.11-15.el8.ppc64le.rpm

SHA-256: dce01b7ca4e127ab4ac919cb0aef380f52137babf4f1fe6dce34b5d8c5e36ed2

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 12a43cc3cefecfe4f6059ddefa990a72beb635d1d515ba661ca8172ea6cce626

xorg-x11-server-Xorg-1.20.11-15.el8.ppc64le.rpm

SHA-256: ce137c1957fe0875ce5308eb5b69d1a38d43110f58f34f446525e50c4595a80f

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 798449828e7775c1c0709937530d4a19eb3a97b6ec90a860b349b84bfa8c0e65

xorg-x11-server-Xvfb-1.20.11-15.el8.ppc64le.rpm

SHA-256: abb60e896a8ecfa109222fb3b049d4644bc2594369855527c771d6d77b72d3c2

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: f7484e7767a516d1e7790c879f24f492c41583d3dc8e7a804d3e6f1e8220d4e3

xorg-x11-server-common-1.20.11-15.el8.ppc64le.rpm

SHA-256: 12bac0cceb4b243c2837e2564b82c0348b9f7b23f1849f250d2a9f1e195504df

xorg-x11-server-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 6a9edaf6b06ccb05004256c466a6bc9f04f908c565f1ce73b43ace75e708a1c4

xorg-x11-server-debugsource-1.20.11-15.el8.ppc64le.rpm

SHA-256: f6bef7b89909dded5c6eb99414c640df860b3aa3435cdfcdfdc0f7248d8ac3f5

Red Hat Enterprise Linux for ARM 64 8

SRPM

xorg-x11-server-1.20.11-15.el8.src.rpm

SHA-256: 41300ab099b014faf067b786577aa670d0b0e214ea7493710d9ba941f899759c

aarch64

xorg-x11-server-Xdmx-1.20.11-15.el8.aarch64.rpm

SHA-256: b873bc799517dc5e606a024d2461788e315d8a67bc8d1786e0de51810f6658fe

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: b290755d4f60db060b1d9dc791422937e90070e050abe0c156b80101b97d19b4

xorg-x11-server-Xephyr-1.20.11-15.el8.aarch64.rpm

SHA-256: cc5b13e2c16481cb64b6524c13cd822fda41110ae86151e0a4d28d6ffa589877

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: bee92fb6bc4c292022c16d748a3bd8ac2365d7b69d7fa2fc3e6f1a92bd666eb7

xorg-x11-server-Xnest-1.20.11-15.el8.aarch64.rpm

SHA-256: e65c7f2df4699a48ffca72b9a0d7ad197e19b873c702e8da06d98789ec026c41

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 3452e04d330b5bf36cd685bc5d3cf3ed6c182b4c0cc4b93fde86305d8df9f864

xorg-x11-server-Xorg-1.20.11-15.el8.aarch64.rpm

SHA-256: a8d06ec2ab4a6dbf64ead7ad047ae40708a39543f08e75081941aff61ca45f69

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 3bcf24143a7487192084a1804116f5b12f703893a620607c473b9548f8c47733

xorg-x11-server-Xvfb-1.20.11-15.el8.aarch64.rpm

SHA-256: a1712c5663b4a0add54333ca54006edf05dca42cc379246288c28fd524436ccd

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 66ebc61b4253b5470460681cd1c36f60a6f40f86841b200f2845e8ace6a10a03

xorg-x11-server-common-1.20.11-15.el8.aarch64.rpm

SHA-256: 0f575f5c9f020ebab4af57abf8360cb914a1dfec7493a82fcc79d4c9aabbd2ef

xorg-x11-server-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: caeaa5282e3798066987876fb7821ad0a4a67ea87bf85fdeb2ae9cd18ddf4645

xorg-x11-server-debugsource-1.20.11-15.el8.aarch64.rpm

SHA-256: 43c1c12719d342dd5d000fe965dac59f380fbf99789b93d3eef260f6d58d1239

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: 3345266a42275dc3314dd648a637b826f6a2782eb0865a93b5be9f2cbd795c70

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 04731f8316376e050acd23b0583ac25e545282d4bbcb6250528084fbce2579a3

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: e65eaed7923a912dbd0982be8b49826373a3384de5b2fe5e1b1eccc84adf6122

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: fcfdc2bcb14fc2d8bf6b399f294c3a3f86881db7c0100c9c1413689bc78823ff

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: 4412b13fa5821ccc749305b067f11bc730f67382597697679b9b0a8d1add3792

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 81f85f561a24da8ec58eaf581e1cdc8b449897d200f037f418eca5ce9d2f5438

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: a28a000f2910f57bbf463abc61d3cfc481eb1170f8220574be490ed588770bef

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: fb128b6417a648a224158fcd3822a7822b6c0d1cbf3068b93334866c1bd05557

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: 9b0bbf92bd416bed4ac75f9c0222e8786f8ed9dd6c68d3db6ba2e9e11b0596aa

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 84f8220c83a01ed5b43d80dff6a43916301cf9d3c0d54ca72b7a5a2468f905a4

xorg-x11-server-debuginfo-1.20.11-15.el8.i686.rpm

SHA-256: e9e74cb542354717bbb9ba6df6794b386f8ceaa40cbc26ac9c48cdb2e229d9b2

xorg-x11-server-debuginfo-1.20.11-15.el8.x86_64.rpm

SHA-256: 1f31229ef578835075a0d14c2885dd6363b52d35291bb3bb4d510f06baffff19

xorg-x11-server-debugsource-1.20.11-15.el8.i686.rpm

SHA-256: b134a1715473c044ce15f1a25599e6aab338ded1c932ec8ad75951bece00ea15

xorg-x11-server-debugsource-1.20.11-15.el8.x86_64.rpm

SHA-256: d2fadd0a0c925f83dbf7ef8fc6c92c66e6fee0e1693e48cc38ebdbe84d6575b3

xorg-x11-server-devel-1.20.11-15.el8.i686.rpm

SHA-256: aae9a77f46d983c8ebab0373aa6f568f84f83a67f742ffaf5e3e3cfd898ce42f

xorg-x11-server-devel-1.20.11-15.el8.x86_64.rpm

SHA-256: 9ede37fed4650ea4e376c9f3d54d1855b5e8997e498faf9c56166fbda3347fc2

xorg-x11-server-source-1.20.11-15.el8.noarch.rpm

SHA-256: d9a0c301fb86423317368bcb98fa47e72057e9d3b57b83cdefe1029902a7b347

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 1b30d22a93169620c44d94402def8785eab116af6e3ef844da73de175966e591

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 7eb461cd153e54177f4c7c00344da8f8c8bf68fdfd9b30878659b9f76912b02d

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 12a43cc3cefecfe4f6059ddefa990a72beb635d1d515ba661ca8172ea6cce626

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 798449828e7775c1c0709937530d4a19eb3a97b6ec90a860b349b84bfa8c0e65

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: f7484e7767a516d1e7790c879f24f492c41583d3dc8e7a804d3e6f1e8220d4e3

xorg-x11-server-debuginfo-1.20.11-15.el8.ppc64le.rpm

SHA-256: 6a9edaf6b06ccb05004256c466a6bc9f04f908c565f1ce73b43ace75e708a1c4

xorg-x11-server-debugsource-1.20.11-15.el8.ppc64le.rpm

SHA-256: f6bef7b89909dded5c6eb99414c640df860b3aa3435cdfcdfdc0f7248d8ac3f5

xorg-x11-server-devel-1.20.11-15.el8.ppc64le.rpm

SHA-256: 9fe8573c0ad68420393a0b4633480f98e14b092e07303249080a74dc0d13e918

xorg-x11-server-source-1.20.11-15.el8.noarch.rpm

SHA-256: d9a0c301fb86423317368bcb98fa47e72057e9d3b57b83cdefe1029902a7b347

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: b290755d4f60db060b1d9dc791422937e90070e050abe0c156b80101b97d19b4

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: bee92fb6bc4c292022c16d748a3bd8ac2365d7b69d7fa2fc3e6f1a92bd666eb7

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 3452e04d330b5bf36cd685bc5d3cf3ed6c182b4c0cc4b93fde86305d8df9f864

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 3bcf24143a7487192084a1804116f5b12f703893a620607c473b9548f8c47733

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: 66ebc61b4253b5470460681cd1c36f60a6f40f86841b200f2845e8ace6a10a03

xorg-x11-server-debuginfo-1.20.11-15.el8.aarch64.rpm

SHA-256: caeaa5282e3798066987876fb7821ad0a4a67ea87bf85fdeb2ae9cd18ddf4645

xorg-x11-server-debugsource-1.20.11-15.el8.aarch64.rpm

SHA-256: 43c1c12719d342dd5d000fe965dac59f380fbf99789b93d3eef260f6d58d1239

xorg-x11-server-devel-1.20.11-15.el8.aarch64.rpm

SHA-256: f72e5868b8142cca6a06796b1e55a03c5a07587c7c43a897dd9e3dc5d0d982a1

xorg-x11-server-source-1.20.11-15.el8.noarch.rpm

SHA-256: d9a0c301fb86423317368bcb98fa47e72057e9d3b57b83cdefe1029902a7b347

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

xorg-x11-server-Xdmx-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 587154b1e8728896d905b58ba058fd3fe6e50fd0b150750cb905e40ce8f28e8d

xorg-x11-server-Xephyr-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 207d7aeacc49297b16b7e63fad6609d8645dcc2a0dabb825620833d8be490302

xorg-x11-server-Xnest-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: f48f89b4f675605ced2aa807e45e3c472f1b90841145d03df739f4848bcd59ed

xorg-x11-server-Xorg-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: a89496f3364498e24f34aaa9c35a8461e0e4d1de9d73e3ce4ff0969a3992b507

xorg-x11-server-Xvfb-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 6cace2f95de26ca5a1661d0cdf6eefcb2ea00f3db5ccbb8df504d35dc4e6d6e0

xorg-x11-server-debuginfo-1.20.11-15.el8.s390x.rpm

SHA-256: 4ef26badb3fba6746143458e28dce85ebc393a7536d9296b62a77bbd310ca450

xorg-x11-server-debugsource-1.20.11-15.el8.s390x.rpm

SHA-256: 0902db3afe934b69dfcd72d2ac6d7516ba4bfa52e989394cecd85289f5a67f5f

xorg-x11-server-devel-1.20.11-15.el8.s390x.rpm

SHA-256: 70a97d52c9c9e40f276821a2528801fb49e97d7a6cd3f90b98daecefd68806b0

xorg-x11-server-source-1.20.11-15.el8.noarch.rpm

SHA-256: d9a0c301fb86423317368bcb98fa47e72057e9d3b57b83cdefe1029902a7b347

Related news

RHSA-2023:2805: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2805: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2830: Red Hat Security Advisory: tigervnc security and bug fix update

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwar...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2249: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The Pro...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

RHSA-2023:2248: Red Hat Security Advisory: xorg-x11-server security and bug fix update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...

Ubuntu Security Notice USN-5778-2

Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-2

Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-2

Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-2

Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-2

Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Red Hat Security Advisory 2023-0671-01

Red Hat Security Advisory 2023-0671-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.

RHSA-2023:0675: Red Hat Security Advisory: tigervnc and xorg-x11-server security update

An update for tigervnc and xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code exec...

Red Hat Security Advisory 2023-0664-01

Red Hat Security Advisory 2023-0664-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0665-01

Red Hat Security Advisory 2023-0665-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0662-01

Red Hat Security Advisory 2023-0662-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.

RHSA-2023:0663: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...

RHSA-2023:0664: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...

RHSA-2023:0665: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and ...

Debian Security Advisory 5342-1

Debian Linux Security Advisory 5342-1 - Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.

RHSA-2023:0623: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0046-01

Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

RHSA-2023:0045: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-server:...

RHSA-2023:0046: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4283: xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free * CVE-2022-46340: xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow * CVE-2022-46341: xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access * CVE-2022-46342: xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free * CVE-2022-46343: xorg-x11-...

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

CVE-2022-46341: Red Hat Customer Portal - Access to 24x7 support and knowledge

A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5778-1

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

Ubuntu Security Notice USN-5740-1

Ubuntu Security Notice 5740-1 - It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5740-1

Ubuntu Security Notice 5740-1 - It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2022-8491-01

Red Hat Security Advisory 2022-8491-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include buffer overflow and memory leak vulnerabilities.

Red Hat Security Advisory 2022-8491-01

Red Hat Security Advisory 2022-8491-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include buffer overflow and memory leak vulnerabilities.

RHSA-2022:8491: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c * CVE-2022-3551: xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c

RHSA-2022:8491: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c * CVE-2022-3551: xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c

Debian Security Advisory 5278-1

Debian Linux Security Advisory 5278-1 - It was discovered that a buffer overflow in the _getCountedString() function of the Xorg X server may result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5278-1

Debian Linux Security Advisory 5278-1 - It was discovered that a buffer overflow in the _getCountedString() function of the Xorg X server may result in denial of service or potentially the execution of arbitrary code.

CVE-2022-3550

A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.

CVE-2022-3551

A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data