RHSA-2023:0671: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Issued: 2023-02-08

Updated: 2023-02-08

RHSA-2023:0671 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

tigervnc-1.9.0-15.el8_2.1.src.rpm

x86_64

tigervnc-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debugsource-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-icons-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-license-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-applet-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

tigervnc-1.9.0-15.el8_2.1.src.rpm

x86_64

tigervnc-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debugsource-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-icons-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-license-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-applet-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

tigervnc-1.9.0-15.el8_2.1.src.rpm

ppc64le

tigervnc-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-debuginfo-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-debugsource-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-icons-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-license-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-server-applet-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-debuginfo-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-server-minimal-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-server-module-1.9.0-15.el8_2.1.ppc64le.rpm
tigervnc-server-module-debuginfo-1.9.0-15.el8_2.1.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

tigervnc-1.9.0-15.el8_2.1.src.rpm

x86_64

tigervnc-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-debugsource-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-icons-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-license-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-applet-1.9.0-15.el8_2.1.noarch.rpm
tigervnc-server-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-1.9.0-15.el8_2.1.x86_64.rpm
tigervnc-server-module-debuginfo-1.9.0-15.el8_2.1.x86_64.rpm
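
A patch-level check for this advisory, as an added example that is not part of the Red Hat advisory: it compares installed tigervnc builds against the fixed build 1.9.0-15.el8_2.1 named in the package lists, using rpm's segment-wise version ordering, and applies the result only to hosts on the 8.2 stream that this advisory covers. The inventory format (host, OS minor release, name, version, release), the host names and all sample rows are constructed, and the packages are assumed to carry no epoch.

```python
import re

# Fixed build named in RHSA-2023:0671; the advisory covers the RHEL 8.2 streams only.
FIXED_VERSION, FIXED_RELEASE, ADVISORY_STREAM = "1.9.0", "15.el8_2.1", "8.2"
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Order two version or release strings segment by segment, as rpm does.

    The '~' and '^' ordering rules are left out because neither character
    occurs in the package versions this advisory lists.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment outranks an alphabetic one
        elif x != y:
            return 1 if x > y else -1
    # Equal so far: the string with segments left over is the newer one.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def classify(os_release, name, version, release):
    """Return the status of one installed package with respect to this advisory."""
    if name != "tigervnc" and not name.startswith("tigervnc-"):
        return "not-applicable"
    if os_release != ADVISORY_STREAM:
        return "other-advisory"  # other streams have their own fixed builds
    order = rpmvercmp(version, FIXED_VERSION) or rpmvercmp(release, FIXED_RELEASE)
    return "fixed" if order >= 0 else "needs-update"


# Constructed inventory: host, OS minor release, package name, version, release.
SAMPLE_INVENTORY = """\
sap-app01 8.2 tigervnc-server 1.9.0 15.el8_2.1
sap-app02 8.2 tigervnc-server 1.9.0 15.el8_2
sap-app02 8.2 tigervnc-license 1.9.0 13.el8
build07 8.6 tigervnc 1.12.0 9.el8_6
sap-app01 8.2 openssh-server 8.0p1 4.el8_1
"""


def report(text):
    """Classify every well-formed inventory row; malformed rows are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        host, os_release, name, version, release = parts
        rows.append((host, name, classify(os_release, name, version, release)))
    return rows


if __name__ == "__main__":
    for row in report(SAMPLE_INVENTORY):
        print(*row)
```

The release comparison matters here: 15.el8_2 and 15.el8_2.1 differ only in the trailing segment, so a plain string or prefix match would misjudge them.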

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
