63 matches found
Fedora 38 : xorg-x11-server-Xwayland (2024-1706127797)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1706127797 advisory. CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083, and a fix for a regression introduced with the fix for CVE-2024-31083 Tenable has...
RHEL 9 : tigervnc (RHSA-2024:2036)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2036 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
RHEL 8 : tigervnc (RHSA-2024:2042)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2042 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
The vulnerability of the ProcXIGetSelectedEvents() function in the X Window System Xorg-server allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ProcXIGetSelectedEvents function in the X Window System Xorg-server lies in the possibility of data being written outside of the buffer. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service...
Important: xorg-x11-server
Issue Overview: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a clie...
Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2024-583)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-583 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially...
SUSE SLED15: xorg-x11-server / xorg-x11-server-Xvfb / xorg-x11-server-extra / etc (SUSE-SU-2024:1262-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1262-1 advisory. - CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length bsc1222309. -...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xwayland (SUSE-SU-2024:1264-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1264-1 advisory. - CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length bsc1222309. -...
Debian dsa-5657 : xdmx - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5657 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length...
MGASA-2024-0121 Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities
Heap buffer overread/data leakage in ProcXIGetSelectedEvents. CVE-2024-31080 Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. CVE-2024-31081 User-after-free in ProcRenderAddGlyphs. CVE-2024-31083...
RHEL 7 : X.Org server (RHSA-2024:1785)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1785 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...
[slackware-security] tigervnc
New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-6slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including the latest patches for several securit...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : X.Org X Server vulnerabilities (USN-6721-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6721-1 advisory. It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibl...
Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2024-096-01)
The version of tigervnc installed on the remote host is prior to 1.12.0 / 1.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-096-01 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function...
DEBIAN-CVE-2024-31080
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
AZL-45300 CVE-2024-31080 affecting package xorg-x11-server 1.20.10-6
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
CVE-2024-31080
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
AZL-39349 CVE-2024-31080 affecting package xorg-x11-server for versions less than 1.20.10-11
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
CVE-2024-31080
CVE-2024-31080 affects the X.Org X11 server’s ProcXIGetSelectedEvents() (and related ProcXIPassiveGrabDevice/ProcRenderAddGlyphs functions per advisories). A heap-based buffer over-read occurs when byte-swapped length values are used in replies, potentially leaking heap memory and causing segment...
CVE-2024-31080 Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...