Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2024.0009
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2024-0009)
Zusammenfassung:	The remote host is missing an update for the 'tigervnc, x11-server, x11-server-xwayland' package(s) announced via the MGASA-2024-0009 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tigervnc, x11-server, x11-server-xwayland' package(s) announced via the MGASA-2024-0009 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. (CVE-2023-6377) A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. (CVE-2023-6478) Affected Software/OS: 'tigervnc, x11-server, x11-server-xwayland' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-6377 RHBZ#2253291 https://bugzilla.redhat.com/show_bug.cgi?id=2253291 RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2023:7886 RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0006 RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0009 RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0010 RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0014 RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0015 RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0016 RHSA-2024:0017 https://access.redhat.com/errata/RHSA-2024:0017 RHSA-2024:0018 https://access.redhat.com/errata/RHSA-2024:0018 RHSA-2024:0020 https://access.redhat.com/errata/RHSA-2024:0020 RHSA-2024:2169 https://access.redhat.com/errata/RHSA-2024:2169 RHSA-2024:2170 https://access.redhat.com/errata/RHSA-2024:2170 RHSA-2024:2995 https://access.redhat.com/errata/RHSA-2024:2995 RHSA-2024:2996 https://access.redhat.com/errata/RHSA-2024:2996 http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/security/cve/CVE-2023-6377 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R63Z6GIWM3YUNZRCGFODUXLW3GY2HD6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/ https://lists.x.org/archives/xorg-announce/2023-December/003435.html https://security.gentoo.org/glsa/202401-30 https://security.netapp.com/advisory/ntap-20240125-0003/ https://www.debian.org/security/2023/dsa-5576 Common Vulnerability Exposure (CVE) ID: CVE-2023-6478 RHBZ#2253298 https://bugzilla.redhat.com/show_bug.cgi?id=2253298 https://access.redhat.com/security/cve/CVE-2023-6478 https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632
Copyright	Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.