(RHSA-2024:3067) Moderate: tigervnc security update

2024-05-2206:35:30

access.redhat.com

vnc

remote display

security update

tigervnc

xorg-x11-server

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

Low

EPSS

Percentile

16.7%

JSON

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64tigervnc-server< 1.13.1-8.el8tigervnc-server-1.13.1-8.el8.x86_64.rpm
RedHat8ppc64letigervnc-debugsource< 1.13.1-8.el8tigervnc-debugsource-1.13.1-8.el8.ppc64le.rpm
RedHat8x86_64tigervnc-debugsource< 1.13.1-8.el8tigervnc-debugsource-1.13.1-8.el8.x86_64.rpm
RedHat8s390xtigervnc-server< 1.13.1-8.el8tigervnc-server-1.13.1-8.el8.s390x.rpm
RedHat8s390xtigervnc-server-minimal< 1.13.1-8.el8tigervnc-server-minimal-1.13.1-8.el8.s390x.rpm
RedHat8noarchtigervnc-icons< 1.13.1-8.el8tigervnc-icons-1.13.1-8.el8.noarch.rpm
RedHat8x86_64tigervnc-server-debuginfo< 1.13.1-8.el8tigervnc-server-debuginfo-1.13.1-8.el8.x86_64.rpm
RedHat8s390xtigervnc-server-minimal-debuginfo< 1.13.1-8.el8tigervnc-server-minimal-debuginfo-1.13.1-8.el8.s390x.rpm
RedHat8aarch64tigervnc-server-minimal< 1.13.1-8.el8tigervnc-server-minimal-1.13.1-8.el8.aarch64.rpm
RedHat8ppc64letigervnc-server-minimal< 1.13.1-8.el8tigervnc-server-minimal-1.13.1-8.el8.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	tigervnc-server	< 1.13.1-8.el8	tigervnc-server-1.13.1-8.el8.x86_64.rpm
RedHat	8	ppc64le	tigervnc-debugsource	< 1.13.1-8.el8	tigervnc-debugsource-1.13.1-8.el8.ppc64le.rpm
RedHat	8	x86_64	tigervnc-debugsource	< 1.13.1-8.el8	tigervnc-debugsource-1.13.1-8.el8.x86_64.rpm
RedHat	8	s390x	tigervnc-server	< 1.13.1-8.el8	tigervnc-server-1.13.1-8.el8.s390x.rpm
RedHat	8	s390x	tigervnc-server-minimal	< 1.13.1-8.el8	tigervnc-server-minimal-1.13.1-8.el8.s390x.rpm
RedHat	8	noarch	tigervnc-icons	< 1.13.1-8.el8	tigervnc-icons-1.13.1-8.el8.noarch.rpm
RedHat	8	x86_64	tigervnc-server-debuginfo	< 1.13.1-8.el8	tigervnc-server-debuginfo-1.13.1-8.el8.x86_64.rpm
RedHat	8	s390x	tigervnc-server-minimal-debuginfo	< 1.13.1-8.el8	tigervnc-server-minimal-debuginfo-1.13.1-8.el8.s390x.rpm
RedHat	8	aarch64	tigervnc-server-minimal	< 1.13.1-8.el8	tigervnc-server-minimal-1.13.1-8.el8.aarch64.rpm
RedHat	8	ppc64le	tigervnc-server-minimal	< 1.13.1-8.el8	tigervnc-server-minimal-1.13.1-8.el8.ppc64le.rpm