CentOS Local Security Checks : CentOS: Security Advisory for xorg-x11-server-common (CESA-2023:0675)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.884276

Kategorie: CentOS Local Security Checks

Titel: CentOS: Security Advisory for xorg-x11-server-common (CESA-2023:0675)

Zusammenfassung: The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the CESA-2023:0675 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'xorg-x11-server-common'
package(s) announced via the CESA-2023:0675 advisory.

Vulnerability Insight:
Virtual Network Computing (VNC) is a remote display system which allows
users to view a computing desktop environment not only on the machine where
it is running, but from anywhere on the Internet and from a wide variety of
machine architectures. TigerVNC is a suite of VNC servers and clients.

X.Org is an open-source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege
elevation (CVE-2023-0494)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'xorg-x11-server-common' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2023-0494
https://security.gentoo.org/glsa/202305-30
https://bugzilla.redhat.com/show_bug.cgi?id=2165995
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec
https://lists.x.org/archives/xorg-announce/2023-February/003320.html

Copyright Copyright (C) 2023 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.884276
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for xorg-x11-server-common (CESA-2023:0675)
Zusammenfassung:	The remote host is missing an update for the 'xorg-x11-server-common'; package(s) announced via the CESA-2023:0675 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xorg-x11-server-common' package(s) announced via the CESA-2023:0675 advisory. Vulnerability Insight: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'xorg-x11-server-common' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-0494 https://security.gentoo.org/glsa/202305-30 https://bugzilla.redhat.com/show_bug.cgi?id=2165995 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec https://lists.x.org/archives/xorg-announce/2023-February/003320.html
Copyright	Copyright (C) 2023 Greenbone Networks GmbH