Software: tigervnc 1.8.0
OS: rosa-server79
package_evr_string: tigervnc-1.8.0-22
CVE-ID: CVE-2023-0494
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC: A vulnerability has been discovered in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be used by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write to freed memory. This can lead to local privilege escalation on systems where the X server performs privileged and remote code execution for ssh X forwarding sessions.
CVE-STATUS: Fixed
CVE-REV: To close, run the yum update command