Headline
RHSA-2023:0623: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Synopsis
Important: tigervnc security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.
Security Fix(es):
- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
x86_64
tigervnc-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: fb16ed3bf07329eab00d231b56fa21ca287dd8b5e788389d758b8eb067135c05
tigervnc-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 8783e6f938a163893833c9f969dbb6ea8506fc00261594320ae6c814b5ad3bdf
tigervnc-debugsource-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 767ab7c172fc5a310d3c39c38f3af14744478daec57e892c5bc6d246030980df
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: ad0b5fa331275b93b8dde6c4b7e6804c751e31316454ac08605669fae99e1509
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 5e1f64a878fb050d4a28c419ce3c4bae62467b51608e30d5aed6ecce21184d40
tigervnc-server-minimal-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 899780b43de7260529019c036b36c560c93bd9897b904ae9b2d3184f86ebcb72
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: cc5638ebdc3b7a18e2acd0271c6e833c14bd6bfd4efbe7777abdc013dc529eec
tigervnc-server-module-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 5acccdffa1b1b569fab222aabc24e755f12dcc7aff191ddcd2d0d717a9add189
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 0755dfea70e9ea6775bded932746784eb66d738dbdaa9a7da1dd022d9e525424
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
s390x
tigervnc-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: a448b5ead41af3b3d90c46041355fc477a10b3cdce8385ca33bd9c0093173a3e
tigervnc-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 02056e1ab697d1ef1e5583c364016cda44d28d8a640d11bfb0a6f8019593c9d3
tigervnc-debugsource-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 03c403eb2ad96cfd532b2c47ea6453600204d1c14b2718997b76971a90c16cd5
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 72854be73a7d1b57f7da6036a5b0f3ab11e604cc2c6ea00a905ca373949468dc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 03ffb9c4f440884e7d616607c46239d1fa9f1c3c4bc8e9492dad96d70e8f1a2f
tigervnc-server-minimal-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 5dd8dea3e2de44c99c4b8a83dc9455b0eebdcb9f8f338753949775be8bcbac28
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 163a7124e13899cb49e007f1a81b878fe298326d529d4490a0160f46791f0f16
tigervnc-server-module-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 40d2ca76477701c684567485030783ee1c67b8f8c83d7130723caf9555733ec8
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 5be98ae71edd3dc1b4ea1400fd1d20fb359447a06c07b4aa4154e6a22664c23d
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
ppc64le
tigervnc-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 74d42f8d9161086075bd73c5697e7f56cd5497c724973e2cba2e73746ebb47fa
tigervnc-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: a8e0c2ca5080088941217299d49dbc18526ba53ea75a4a235268414578b9dea1
tigervnc-debugsource-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 4ccd7429e9c959211fa46b294463689953ea8bdbb9f06cdc0ec7fa0b4e5ad43c
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 091bd80e08b46ba8bfdc01e704f87b9fc5a9d871d3b8376d51f972183f8decbc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 69e32a62c64a6f2a0d26def6d6b78d6474ee50cf3f1131ee394440bab270f1c0
tigervnc-server-minimal-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 4cf040f213d980c7b7f1b428f913486ba576e07cad39e0fe834a899ee5fab51b
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: f22ff3c1b45a46fb279104ff7dcd06f0f54bf9015a6770880a1ac064a4a40f4c
tigervnc-server-module-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 489812f2fb57cc4d220b7e0141d819de29aa1ce5d8a4f301a8e03cab115bf621
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: e0a2732c4619c02bac316868aac4917f3791cef95267c977220166e6bc2c78f9
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
aarch64
tigervnc-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: f41ea409b262266ca84ad93def0627966ab2fdff1a03d42e8ca6dda8e8f02c23
tigervnc-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 3c442db903abd98ac8045ec113f43e33da71340ae99baed568407a4bb5e6ac25
tigervnc-debugsource-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 2e2f2db3a0ed7d62c1dd4854ac68baae9c661e9ae02f7624690a1b66e275a26b
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 483d2b51c0d6493c3f70716dbfa6a5d77471128005bec71192e4b2dbcd9ff997
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: db45f4ce758efccff57795360a5af029bd5a88ebed6d9f1dc68e4aa9b3b4f709
tigervnc-server-minimal-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: c5596cccfd6acd85c6c6338a0be5351e538746203ed42ad9f232fbdd1fab055c
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: cf8695ca22c9f792bf8332dd0351d83482242447059abfd7cac277af30dc6ebe
tigervnc-server-module-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 2d60cd6e86bba40ef340878caa47afbe965b028d9cafef60eeec1bf4c2b7007e
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 71287f0dafbd598bc3a1de1c2bca54174ea2e1cf6965f1e649b26d39d77ff6b8
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
ppc64le
tigervnc-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 74d42f8d9161086075bd73c5697e7f56cd5497c724973e2cba2e73746ebb47fa
tigervnc-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: a8e0c2ca5080088941217299d49dbc18526ba53ea75a4a235268414578b9dea1
tigervnc-debugsource-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 4ccd7429e9c959211fa46b294463689953ea8bdbb9f06cdc0ec7fa0b4e5ad43c
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 091bd80e08b46ba8bfdc01e704f87b9fc5a9d871d3b8376d51f972183f8decbc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 69e32a62c64a6f2a0d26def6d6b78d6474ee50cf3f1131ee394440bab270f1c0
tigervnc-server-minimal-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 4cf040f213d980c7b7f1b428f913486ba576e07cad39e0fe834a899ee5fab51b
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: f22ff3c1b45a46fb279104ff7dcd06f0f54bf9015a6770880a1ac064a4a40f4c
tigervnc-server-module-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: 489812f2fb57cc4d220b7e0141d819de29aa1ce5d8a4f301a8e03cab115bf621
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm
SHA-256: e0a2732c4619c02bac316868aac4917f3791cef95267c977220166e6bc2c78f9
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
x86_64
tigervnc-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: fb16ed3bf07329eab00d231b56fa21ca287dd8b5e788389d758b8eb067135c05
tigervnc-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 8783e6f938a163893833c9f969dbb6ea8506fc00261594320ae6c814b5ad3bdf
tigervnc-debugsource-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 767ab7c172fc5a310d3c39c38f3af14744478daec57e892c5bc6d246030980df
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: ad0b5fa331275b93b8dde6c4b7e6804c751e31316454ac08605669fae99e1509
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 5e1f64a878fb050d4a28c419ce3c4bae62467b51608e30d5aed6ecce21184d40
tigervnc-server-minimal-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 899780b43de7260529019c036b36c560c93bd9897b904ae9b2d3184f86ebcb72
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: cc5638ebdc3b7a18e2acd0271c6e833c14bd6bfd4efbe7777abdc013dc529eec
tigervnc-server-module-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 5acccdffa1b1b569fab222aabc24e755f12dcc7aff191ddcd2d0d717a9add189
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm
SHA-256: 0755dfea70e9ea6775bded932746784eb66d738dbdaa9a7da1dd022d9e525424
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
aarch64
tigervnc-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: f41ea409b262266ca84ad93def0627966ab2fdff1a03d42e8ca6dda8e8f02c23
tigervnc-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 3c442db903abd98ac8045ec113f43e33da71340ae99baed568407a4bb5e6ac25
tigervnc-debugsource-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 2e2f2db3a0ed7d62c1dd4854ac68baae9c661e9ae02f7624690a1b66e275a26b
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 483d2b51c0d6493c3f70716dbfa6a5d77471128005bec71192e4b2dbcd9ff997
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: db45f4ce758efccff57795360a5af029bd5a88ebed6d9f1dc68e4aa9b3b4f709
tigervnc-server-minimal-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: c5596cccfd6acd85c6c6338a0be5351e538746203ed42ad9f232fbdd1fab055c
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: cf8695ca22c9f792bf8332dd0351d83482242447059abfd7cac277af30dc6ebe
tigervnc-server-module-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 2d60cd6e86bba40ef340878caa47afbe965b028d9cafef60eeec1bf4c2b7007e
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm
SHA-256: 71287f0dafbd598bc3a1de1c2bca54174ea2e1cf6965f1e649b26d39d77ff6b8
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0
SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm
SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
s390x
tigervnc-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: a448b5ead41af3b3d90c46041355fc477a10b3cdce8385ca33bd9c0093173a3e
tigervnc-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 02056e1ab697d1ef1e5583c364016cda44d28d8a640d11bfb0a6f8019593c9d3
tigervnc-debugsource-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 03c403eb2ad96cfd532b2c47ea6453600204d1c14b2718997b76971a90c16cd5
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm
SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 72854be73a7d1b57f7da6036a5b0f3ab11e604cc2c6ea00a905ca373949468dc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 03ffb9c4f440884e7d616607c46239d1fa9f1c3c4bc8e9492dad96d70e8f1a2f
tigervnc-server-minimal-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 5dd8dea3e2de44c99c4b8a83dc9455b0eebdcb9f8f338753949775be8bcbac28
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 163a7124e13899cb49e007f1a81b878fe298326d529d4490a0160f46791f0f16
tigervnc-server-module-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 40d2ca76477701c684567485030783ee1c67b8f8c83d7130723caf9555733ec8
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.s390x.rpm
SHA-256: 5be98ae71edd3dc1b4ea1400fd1d20fb359447a06c07b4aa4154e6a22664c23d
Related news
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3550: A flaw was found in the xorg-x11-server package. A buffer overflow can occur in the _GetCountedString function in xkb/xkb.c due to improper input validation, allowing for possible escalation of privileges, execution of arbitrary code, or a denial of service. * CVE-2022-3551: A flaw was found in the xorg-x11-server package. The ProcXkbGetKb...
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
Red Hat Security Advisory 2023-0671-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0663-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0664-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0665-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0662-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0622-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0623-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a use-after-free vulnerability.
An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read ...
An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...
An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forw...
An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote cod...
An update for tigervnc is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and ...
Debian Linux Security Advisory 5342-1 - Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forw...