Oracle Linux 8 : tigervnc (ELSA-2024-3067)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3067 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap...

RHEL 7 : xorg-x11-server (RHSA-2024:0320)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0320 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...

Updated x11-server, x11-server-xwayland and tigervnc fix security issues

The updated packages fix security vulnerabilities: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer. CVE-2023-6816 Reattaching to different master device may lead to out-of-bounds memory access. CVE-2024-0229 Heap buffer overflow in XISendDeviceHierarchyEvent. CVE-2024-21885 Heap...

USN-6587-4: X.Org X Server regression

USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and...

xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer

A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

USN-6587-3 xorg-server, xwayland regression

USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processin...

Important: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

USN-6587-2: X.Org X Server vulnerabilities

USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and...

Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer

...

X.org Server Security Vulnerability

X.org Server is an open source free software from the X.org Foundation. A security vulnerability exists in X.org Server that stems from the server incorrectly handling memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs, which can lead to a server crash, disclosure of sensitiv...