Описание
ELSA-2023-0622: tigervnc security update (IMPORTANT)
[1.12.0-5]
- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation Resolves: bz#2167060
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
tigervnc
1.12.0-5.el9_1.1
tigervnc-icons
1.12.0-5.el9_1.1
tigervnc-license
1.12.0-5.el9_1.1
tigervnc-selinux
1.12.0-5.el9_1.1
tigervnc-server
1.12.0-5.el9_1.1
tigervnc-server-minimal
1.12.0-5.el9_1.1
tigervnc-server-module
1.12.0-5.el9_1.1
Oracle Linux x86_64
tigervnc
1.12.0-5.el9_1.1
tigervnc-icons
1.12.0-5.el9_1.1
tigervnc-license
1.12.0-5.el9_1.1
tigervnc-selinux
1.12.0-5.el9_1.1
tigervnc-server
1.12.0-5.el9_1.1
tigervnc-server-minimal
1.12.0-5.el9_1.1
tigervnc-server-module
1.12.0-5.el9_1.1
Связанные CVE
Связанные уязвимости
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
A vulnerability was found in X.Org. This issue occurs due to a danglin ...
