Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Oracle Linux 8 ELSA-2024-2037 Critical: Tigervnc Server Important Fixes

oracle
Calendar Grey April 25, 2024
Oracle Linux Logo Esm H88
Uncover security alert ELSA-2024-2037 relevant to Oracle Linux 8 that outlines tigervnc modifications targeting severe security flaws.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1.13.1-2.10] - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30981 [1.13.1-2.9] - Rebuild (z-stream target) Resolves: RHEL-31011 Resolves: RHEL-30981 Resolves: RHEL-30998 [1.13.1-2.8] - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents Resolves: RHEL-31011 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs Resolves: RHEL-30981 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice Resolves: RHEL-30998 [1.13.1-3.7] - Fix use after free related to CVE-2024-21886 Resolves: RHEL-20432 - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20583 [1.13.1-3.6] - Don't try to get pointer position when the pointer becomes a floating device Resolves: RHEL-20432 [1.13.1-3.5] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20432 - Fix CVE-2024-21885 ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory heap overflow important fix data leakage Oracle Linux tigervnc buffer overread

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates//tigervnc-1.13.1-2.el8_9.10.src.rpm

x86_64

tigervnc-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm tigervnc-server-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.10.x86_64.rpm tigervnc-server-module-1.13.1-2.el8_9.10.x86_64.rpm

aarch64

tigervnc-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-icons-1.13.1-2.el8_9.10.noarch.rpm tigervnc-license-1.13.1-2.el8_9.10.noarch.rpm tigervnc-selinux-1.13.1-2.el8_9.10.noarch.rpm tigervnc-server-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-server-minimal-1.13.1-2.el8_9.10.aarch64.rpm tigervnc-server-module-1.13.1-2.el8_9.10.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2024-31080 CVE-2024-31081 CVE-2024-31083

Topics%20covered

Topics Covered

security advisory heap overflow important fix data leakage Oracle Linux tigervnc buffer overread

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here