tigervnc-1.13.1-14.el8_10

エラータID: AXSA:2024-9015:15

Release date: 
Monday, November 18, 2024 - 10:59
Subject: 
tigervnc-1.13.1-14.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-9632
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

Solution: 

Update packages.

CVEs: 
CVE-2024-9632
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
Additional Info: 

N/A

Download: 

SRPMS
  1. tigervnc-1.13.1-14.el8_10.src.rpm
    MD5: a122d5745f4a43c346d3982799b6bccd
    SHA-256: d2f8e9de19a70fff30b3d874e840c06abd45b56dd9aafd6cddc32430d4dd0d2a
    Size: 1.97 MB

Asianux Server 8 for x86_64
  1. tigervnc-1.13.1-14.el8_10.x86_64.rpm
    MD5: a16aea8a7a3e9f62af7e38768c2c0aa3
    SHA-256: 9e1aa7d178cb094f287b494205c4c105eae33419c5ebbfa6d1706d3355a0d24e
    Size: 354.79 kB
  2. tigervnc-icons-1.13.1-14.el8_10.noarch.rpm
    MD5: f84d9b7124fe0cabf27b4ed5f10fd3c8
    SHA-256: b9f5414a6cbc2259a9d07086c5846572e085309ebda61919936de04b4756cd26
    Size: 61.61 kB
  3. tigervnc-license-1.13.1-14.el8_10.noarch.rpm
    MD5: 96ae66ebffa2ba88812b6702577024a4
    SHA-256: 22a27a9052fc57aa40e5060fc643c04cd10e93a0a24734daa1ef12021942b4c2
    Size: 42.00 kB
  4. tigervnc-selinux-1.13.1-14.el8_10.noarch.rpm
    MD5: 55d645ca37b83f17e166230ff99e0f74
    SHA-256: dc9aa1d68eb08fa5b58ee079d1e2582a9989bace8001bb54629f8d98d9b3f791
    Size: 50.58 kB
  5. tigervnc-server-1.13.1-14.el8_10.x86_64.rpm
    MD5: c7f71c8cac075fd4968a922e98a9fbfc
    SHA-256: 48286365fc68339dc133e4ba98cf8d5a1b4401be02004603f0ec220178564e32
    Size: 279.99 kB
  6. tigervnc-server-minimal-1.13.1-14.el8_10.x86_64.rpm
    MD5: 34655eaa2205e598b903e2f4e705eb78
    SHA-256: aac2449a1f10497c6f6e045eba76900c345562dabb2444a1291f563873bb4da9
    Size: 1.13 MB
  7. tigervnc-server-module-1.13.1-14.el8_10.x86_64.rpm
    MD5: c8f94197073a24513106548b138b32fb
    SHA-256: 6b365a7d9df928e0f02d8bfd31539ab24d467d7c4d9b77edd5827bc406b6fd5d
    Size: 274.94 kB