11 matches found
RHEL 7 : tigervnc (RHSA-2024:0629)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0629 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
Oracle Linux 9 : tigervnc (ELSA-2024-0557)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0557 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20389 - Fix CVE-2024-21885 tigervnc:...
x11/libXpm multiple vulnerabilities
The X.Org project reports: CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer An out-of-bounds read is located in ParseComment when reading from a memory buffer instead of a file, as it continued to look for the closing comment marker past the end of the buffer. CVE-2023-43789: Out...
x11/libX11 multiple vulnerabilities
The X.Org project reports: CVE-2023-43785: out-of-bounds memory access in XkbReadKeySyms When libX11 is processing the reply from the X server to the XkbGetMap request, if it detected the number of symbols in the new map was less than the size of the buffer it had allocated, it always added room...
xorg-server -- Overlay Window Use-After-Free
The X.Org project reports: ZDI-CAN-19866/CVE-2023-1393: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure,...
libXpm -- Issues handling XPM files
The X.Org project reports: CVE-2022-46285: Infinite loop on unclosed comments When reading XPM images from a file with libXpm 3.5.14 or older, if a comment in the file is not closed (i.e. a C-style comment starts with "/*" and is missing the closing "*/"), the ParseComment function will loop forever...
libX11 -- Arbitrary code execution
The X.org project reports: XLookupColor and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the...
FreeBSD : libX11 -- Double free in locale handling code (8da79498-e6f6-11ea-8cbf-54e1ad3d6335)
The X.org project reports: There is an integer overflow and a double free vulnerability in the way LibX11 handles locales. The integer overflow is a necessary precursor to the double free. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
FreeBSD : libX11 -- Heap corruption in the X input method client in libX11 (6faa7feb-d3fa-11ea-9aba-0c9d925bbbc0)
The X.org project reports: The X Input Method (XIM) client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method. (C) Tenable Network Security, Inc. The descriptive text and...
libX11 -- Heap corruption in the X input method client in libX11
The X.org project reports: The X Input Method (XIM) client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method...
CentOS 5 : libXfont (CESA-2014:1893)
Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available...