Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2023-0675

Опубликовано: 09 фев. 2023
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2023-0675: tigervnc and xorg-x11-server security update (IMPORTANT)

tigervnc [1.8.0-24]

  • CVE fix for: CVE-2023-0494 Resolves: bz#2166532

xorg-x11-server [1.20.4-22]

  • CVE fix for: CVE-2023-0494 (#2166513)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

tigervnc

1.8.0-24.el7_9

tigervnc-icons

1.8.0-24.el7_9

tigervnc-license

1.8.0-24.el7_9

tigervnc-server

1.8.0-24.el7_9

tigervnc-server-applet

1.8.0-24.el7_9

tigervnc-server-minimal

1.8.0-24.el7_9

tigervnc-server-module

1.8.0-24.el7_9

xorg-x11-server-Xdmx

1.20.4-22.el7_9

xorg-x11-server-Xephyr

1.20.4-22.el7_9

xorg-x11-server-Xnest

1.20.4-22.el7_9

xorg-x11-server-Xorg

1.20.4-22.el7_9

xorg-x11-server-Xvfb

1.20.4-22.el7_9

xorg-x11-server-Xwayland

1.20.4-22.el7_9

xorg-x11-server-common

1.20.4-22.el7_9

xorg-x11-server-devel

1.20.4-22.el7_9

xorg-x11-server-source

1.20.4-22.el7_9

Oracle Linux x86_64

tigervnc

1.8.0-24.el7_9

tigervnc-icons

1.8.0-24.el7_9

tigervnc-license

1.8.0-24.el7_9

tigervnc-server

1.8.0-24.el7_9

tigervnc-server-applet

1.8.0-24.el7_9

tigervnc-server-minimal

1.8.0-24.el7_9

tigervnc-server-module

1.8.0-24.el7_9

xorg-x11-server-Xdmx

1.20.4-22.el7_9

xorg-x11-server-Xephyr

1.20.4-22.el7_9

xorg-x11-server-Xnest

1.20.4-22.el7_9

xorg-x11-server-Xorg

1.20.4-22.el7_9

xorg-x11-server-Xvfb

1.20.4-22.el7_9

xorg-x11-server-Xwayland

1.20.4-22.el7_9

xorg-x11-server-common

1.20.4-22.el7_9

xorg-x11-server-devel

1.20.4-22.el7_9

xorg-x11-server-source

1.20.4-22.el7_9

Связанные CVE

CVE-2023-0494

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-0494

CVSS3: 7.8
ubuntu
около 2 лет назад

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.

redhat логотип

CVE-2023-0494

CVSS3: 7.8
redhat
больше 2 лет назад

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.

nvd логотип

CVE-2023-0494

CVSS3: 7.8
nvd
около 2 лет назад

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.

debian логотип

CVE-2023-0494

CVSS3: 7.8
debian
около 2 лет назад

A vulnerability was found in X.Org. This issue occurs due to a danglin ...

suse-cvrf логотип

SUSE-SU-2023:0289-1

suse-cvrf
больше 2 лет назад

Security update for xwayland