80 matches found
xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
A use-after-free vulnerability was found in the ProcRenderAddGlyphs function of Xorg servers. This issue occurs when AllocateGlyph is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently,...
CentOS 8 : xorg-x11-server-Xwayland (CESA-2024:3343)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:3343 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped...
ALSA-2024:3343 Important: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080); xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081); xorg-x11-server: Use-after-free in...
RHEL 8 : xorg-x11-server-Xwayland (RHSA-2024:3343)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3343 advisory. Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in...
xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
A use-after-free vulnerability was found in the ProcRenderAddGlyphs function of Xorg servers. This issue occurs when AllocateGlyph is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently,...
CentOS 8 : tigervnc (CESA-2024:3261)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3261 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped...
SUSE: Security Advisory (SUSE-SU-2024:1199-1)
The remote host is missing an update for the...
Rocky Linux 8 : tigervnc (RLSA-2024:2037)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2037 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped leng...
Oracle Linux 7 : tigervnc (ELSA-2024-2080)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2080 advisory. - Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6816.patch, xorg-CVE-2023-6377.patch, xorg-CVE-2023-6478.patch, xorg-CVE-2024-0229-1.patch,...
RHEL 7 : tigervnc (RHSA-2024:2080)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2080 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ProcRenderAddGlyphs...
xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
A use-after-free vulnerability was found in the ProcRenderAddGlyphs function of Xorg servers. This issue occurs when AllocateGlyph is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently,...
Important: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
RHEL 9 : tigervnc (RHSA-2024:2036)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2036 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
Fedora 38 : xorg-x11-server-Xwayland (2024-1706127797)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1706127797 advisory. CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083, and a fix for a regression introduced with the fix for CVE-2024-31083. Tenable has...
RHEL 8 : tigervnc (RHSA-2024:2042)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2042 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
Fedora 39 : xorg-x11-server-Xwayland (2024-5af98298c7)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5af98298c7 advisory. xwayland 23.2.6 - CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083. Tenable has extracted the preceding description block directly from the...
RHEL 8 : tigervnc (RHSA-2024:2041)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2041 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
Important: xorg-x11-server
Issue Overview: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a clie...
Amazon Linux AMI : xorg-x11-server (ALAS-2024-1928)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1928 advisory. The ProcRenderAddGlyphs function calls the AllocateGlyph function to store new glyphs sent by the client to the X server. AllocateGlyph would return a new glyph with refcount=0 and a re-used glyph would en...