Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Oracle Linux 9 ELSA-2024-0557 Critical Tigervnc Heap Overflows

oracle
Calendar Grey February 1, 2024
Oracle Linux Logo Esm H88
Critical security alert for Oracle Linux 9 highlights crucial updates tackling serious tigervnc heap overflow vulnerabilities and memory access problems.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1.13.1-3.6] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20389 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent Resolves: RHEL-20383 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access Resolves: RHEL-20533 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer Resolves: RHEL-21213

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates//tigervnc-1.13.1-3.el9_3.6.src.rpm

x86_64

tigervnc-1.13.1-3.el9_3.6.x86_64.rpm tigervnc-icons-1.13.1-3.el9_3.6.noarch.rpm tigervnc-license-1.13.1-3.el9_3.6.noarch.rpm tigervnc-selinux-1.13.1-3.el9_3.6.noarch.rpm tigervnc-server-1.13.1-3.el9_3.6.x86_64.rpm tigervnc-server-minimal-1.13.1-3.el9_3.6.x86_64.rpm tigervnc-server-module-1.13.1-3.el9_3.6.x86_64.rpm

aarch64

tigervnc-1.13.1-3.el9_3.6.aarch64.rpm tigervnc-icons-1.13.1-3.el9_3.6.noarch.rpm tigervnc-license-1.13.1-3.el9_3.6.noarch.rpm tigervnc-selinux-1.13.1-3.el9_3.6.noarch.rpm tigervnc-server-1.13.1-3.el9_3.6.aarch64.rpm tigervnc-server-minimal-1.13.1-3.el9_3.6.aarch64.rpm tigervnc-server-module-1.13.1-3.el9_3.6.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-6816 CVE-2024-0229 CVE-2024-21885 CVE-2024-21886

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here