SB2023111327 - Slackware Linux update for tigervnc
Published: November 13, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2022-3550)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the _GetCountedString() function in xkb/xkb.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
2) Memory leak (CVE-ID: CVE-2022-3551)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the ProcXkbGetKbdByName() function in xkb/xkb.c. A local user can force the application to leak memory and perform denial of service attack.
3) Memory leak (CVE-ID: CVE-2022-3553)
The vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the xquartz component in hw/xquartz/X11Controller.m. A local user can force the application to leak memory and perform denial of service attack.
4) Use-after-free (CVE-ID: CVE-2022-4283)
The vulnerability allows a local user to escalate privileges on the system.
5) Stack-based buffer overflow (CVE-ID: CVE-2022-46340)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the swap handler for the XTestFakeInput request of the XTest extension if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. A local user can trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
6) Out-of-bounds read (CVE-ID: CVE-2022-46341)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling XIPassiveUngrab requests. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
7) Use-after-free (CVE-ID: CVE-2022-46342)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error when handling XvdiSelectVideoNotify requests. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
8) Use-after-free (CVE-ID: CVE-2022-46343)
The vulnerability allows a local user to escalate privileges on the system.
The
vulnerability exists due to a use-after-free error when handling
ScreenSaverSetAttributes requests. A local user can trigger a
use-after-free error and execute arbitrary code with elevated
privileges.
9) Out-of-bounds read (CVE-ID: CVE-2022-46344)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling XIChangeProperty requests. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
10) Use-after-free (CVE-ID: CVE-2023-0494)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within DeepCopyPointerClasses. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
11) Use-after-free (CVE-ID: CVE-2023-1393)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error when processing deletion of a compositor overlay window. A local user can trigger a use-after-free error and execute arbitrary code on the system.
12) Out-of-bounds write (CVE-ID: CVE-2023-5367)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in IChangeDeviceProperty/RRChangeOutputProperty. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
13) Use-after-free (CVE-ID: CVE-2023-5380)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in DestroyWindow. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.