Mageia Advisory: MGASA-2024-0121 - Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities

Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities

Publication date: 11 Apr 2024
Modification date: 11 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-31080 , CVE-2024-31081 , CVE-2024-31083

Description

Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
(CVE-2024-31080)
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
(CVE-2024-31081)
User-after-free in ProcRenderAddGlyphs. (CVE-2024-31083)

References

https://bugs.mageia.org/show_bug.cgi?id=33058
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083

SRPMS

9/core

x11-server-21.1.8-7.4.mga9
x11-server-xwayland-22.1.9-1.4.mga9
tigervnc-1.13.1-2.4.mga9

Advisories » MGASA-2024-0121

Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities

Description

References

SRPMS

9/core