Red Hat Product Errata RHSA-2023:0623 - Security Advisory
Issued:
2023-02-07
Updated:
2023-02-07

RHSA-2023:0623 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2165995 - CVE-2023-0494 xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
x86_64
tigervnc-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: fb16ed3bf07329eab00d231b56fa21ca287dd8b5e788389d758b8eb067135c05
tigervnc-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 8783e6f938a163893833c9f969dbb6ea8506fc00261594320ae6c814b5ad3bdf
tigervnc-debugsource-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 767ab7c172fc5a310d3c39c38f3af14744478daec57e892c5bc6d246030980df
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: ad0b5fa331275b93b8dde6c4b7e6804c751e31316454ac08605669fae99e1509
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 5e1f64a878fb050d4a28c419ce3c4bae62467b51608e30d5aed6ecce21184d40
tigervnc-server-minimal-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 899780b43de7260529019c036b36c560c93bd9897b904ae9b2d3184f86ebcb72
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: cc5638ebdc3b7a18e2acd0271c6e833c14bd6bfd4efbe7777abdc013dc529eec
tigervnc-server-module-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 5acccdffa1b1b569fab222aabc24e755f12dcc7aff191ddcd2d0d717a9add189
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 0755dfea70e9ea6775bded932746784eb66d738dbdaa9a7da1dd022d9e525424

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
s390x
tigervnc-1.11.0-22.el9_0.1.s390x.rpm SHA-256: a448b5ead41af3b3d90c46041355fc477a10b3cdce8385ca33bd9c0093173a3e
tigervnc-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 02056e1ab697d1ef1e5583c364016cda44d28d8a640d11bfb0a6f8019593c9d3
tigervnc-debugsource-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 03c403eb2ad96cfd532b2c47ea6453600204d1c14b2718997b76971a90c16cd5
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 72854be73a7d1b57f7da6036a5b0f3ab11e604cc2c6ea00a905ca373949468dc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 03ffb9c4f440884e7d616607c46239d1fa9f1c3c4bc8e9492dad96d70e8f1a2f
tigervnc-server-minimal-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 5dd8dea3e2de44c99c4b8a83dc9455b0eebdcb9f8f338753949775be8bcbac28
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 163a7124e13899cb49e007f1a81b878fe298326d529d4490a0160f46791f0f16
tigervnc-server-module-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 40d2ca76477701c684567485030783ee1c67b8f8c83d7130723caf9555733ec8
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 5be98ae71edd3dc1b4ea1400fd1d20fb359447a06c07b4aa4154e6a22664c23d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
ppc64le
tigervnc-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 74d42f8d9161086075bd73c5697e7f56cd5497c724973e2cba2e73746ebb47fa
tigervnc-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: a8e0c2ca5080088941217299d49dbc18526ba53ea75a4a235268414578b9dea1
tigervnc-debugsource-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 4ccd7429e9c959211fa46b294463689953ea8bdbb9f06cdc0ec7fa0b4e5ad43c
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 091bd80e08b46ba8bfdc01e704f87b9fc5a9d871d3b8376d51f972183f8decbc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 69e32a62c64a6f2a0d26def6d6b78d6474ee50cf3f1131ee394440bab270f1c0
tigervnc-server-minimal-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 4cf040f213d980c7b7f1b428f913486ba576e07cad39e0fe834a899ee5fab51b
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: f22ff3c1b45a46fb279104ff7dcd06f0f54bf9015a6770880a1ac064a4a40f4c
tigervnc-server-module-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 489812f2fb57cc4d220b7e0141d819de29aa1ce5d8a4f301a8e03cab115bf621
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: e0a2732c4619c02bac316868aac4917f3791cef95267c977220166e6bc2c78f9

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
aarch64
tigervnc-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: f41ea409b262266ca84ad93def0627966ab2fdff1a03d42e8ca6dda8e8f02c23
tigervnc-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 3c442db903abd98ac8045ec113f43e33da71340ae99baed568407a4bb5e6ac25
tigervnc-debugsource-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 2e2f2db3a0ed7d62c1dd4854ac68baae9c661e9ae02f7624690a1b66e275a26b
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 483d2b51c0d6493c3f70716dbfa6a5d77471128005bec71192e4b2dbcd9ff997
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: db45f4ce758efccff57795360a5af029bd5a88ebed6d9f1dc68e4aa9b3b4f709
tigervnc-server-minimal-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: c5596cccfd6acd85c6c6338a0be5351e538746203ed42ad9f232fbdd1fab055c
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: cf8695ca22c9f792bf8332dd0351d83482242447059abfd7cac277af30dc6ebe
tigervnc-server-module-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 2d60cd6e86bba40ef340878caa47afbe965b028d9cafef60eeec1bf4c2b7007e
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 71287f0dafbd598bc3a1de1c2bca54174ea2e1cf6965f1e649b26d39d77ff6b8

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
ppc64le
tigervnc-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 74d42f8d9161086075bd73c5697e7f56cd5497c724973e2cba2e73746ebb47fa
tigervnc-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: a8e0c2ca5080088941217299d49dbc18526ba53ea75a4a235268414578b9dea1
tigervnc-debugsource-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 4ccd7429e9c959211fa46b294463689953ea8bdbb9f06cdc0ec7fa0b4e5ad43c
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 091bd80e08b46ba8bfdc01e704f87b9fc5a9d871d3b8376d51f972183f8decbc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 69e32a62c64a6f2a0d26def6d6b78d6474ee50cf3f1131ee394440bab270f1c0
tigervnc-server-minimal-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 4cf040f213d980c7b7f1b428f913486ba576e07cad39e0fe834a899ee5fab51b
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: f22ff3c1b45a46fb279104ff7dcd06f0f54bf9015a6770880a1ac064a4a40f4c
tigervnc-server-module-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: 489812f2fb57cc4d220b7e0141d819de29aa1ce5d8a4f301a8e03cab115bf621
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.ppc64le.rpm SHA-256: e0a2732c4619c02bac316868aac4917f3791cef95267c977220166e6bc2c78f9

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
x86_64
tigervnc-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: fb16ed3bf07329eab00d231b56fa21ca287dd8b5e788389d758b8eb067135c05
tigervnc-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 8783e6f938a163893833c9f969dbb6ea8506fc00261594320ae6c814b5ad3bdf
tigervnc-debugsource-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 767ab7c172fc5a310d3c39c38f3af14744478daec57e892c5bc6d246030980df
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: ad0b5fa331275b93b8dde6c4b7e6804c751e31316454ac08605669fae99e1509
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 5e1f64a878fb050d4a28c419ce3c4bae62467b51608e30d5aed6ecce21184d40
tigervnc-server-minimal-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 899780b43de7260529019c036b36c560c93bd9897b904ae9b2d3184f86ebcb72
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: cc5638ebdc3b7a18e2acd0271c6e833c14bd6bfd4efbe7777abdc013dc529eec
tigervnc-server-module-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 5acccdffa1b1b569fab222aabc24e755f12dcc7aff191ddcd2d0d717a9add189
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.x86_64.rpm SHA-256: 0755dfea70e9ea6775bded932746784eb66d738dbdaa9a7da1dd022d9e525424

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
aarch64
tigervnc-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: f41ea409b262266ca84ad93def0627966ab2fdff1a03d42e8ca6dda8e8f02c23
tigervnc-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 3c442db903abd98ac8045ec113f43e33da71340ae99baed568407a4bb5e6ac25
tigervnc-debugsource-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 2e2f2db3a0ed7d62c1dd4854ac68baae9c661e9ae02f7624690a1b66e275a26b
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 483d2b51c0d6493c3f70716dbfa6a5d77471128005bec71192e4b2dbcd9ff997
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: db45f4ce758efccff57795360a5af029bd5a88ebed6d9f1dc68e4aa9b3b4f709
tigervnc-server-minimal-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: c5596cccfd6acd85c6c6338a0be5351e538746203ed42ad9f232fbdd1fab055c
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: cf8695ca22c9f792bf8332dd0351d83482242447059abfd7cac277af30dc6ebe
tigervnc-server-module-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 2d60cd6e86bba40ef340878caa47afbe965b028d9cafef60eeec1bf4c2b7007e
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.aarch64.rpm SHA-256: 71287f0dafbd598bc3a1de1c2bca54174ea2e1cf6965f1e649b26d39d77ff6b8

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.1.src.rpm SHA-256: b04cc699b5bc564527dd4fe8e34d332e6862f4c2c458310b73aba654646dc129
s390x
tigervnc-1.11.0-22.el9_0.1.s390x.rpm SHA-256: a448b5ead41af3b3d90c46041355fc477a10b3cdce8385ca33bd9c0093173a3e
tigervnc-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 02056e1ab697d1ef1e5583c364016cda44d28d8a640d11bfb0a6f8019593c9d3
tigervnc-debugsource-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 03c403eb2ad96cfd532b2c47ea6453600204d1c14b2718997b76971a90c16cd5
tigervnc-icons-1.11.0-22.el9_0.1.noarch.rpm SHA-256: b77e8fbc8af9ab53574fba044fd913d9afadfb56c9b1e2054408abe05e058b59
tigervnc-license-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 10e818e812744acab453719da6b2f84c61cb86d36d05ad6ed047e018402987af
tigervnc-selinux-1.11.0-22.el9_0.1.noarch.rpm SHA-256: 725ca13bf7e6d8642b9a02aceb931a0c39c71b46f6998ab13590d6208c824949
tigervnc-server-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 72854be73a7d1b57f7da6036a5b0f3ab11e604cc2c6ea00a905ca373949468dc
tigervnc-server-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 03ffb9c4f440884e7d616607c46239d1fa9f1c3c4bc8e9492dad96d70e8f1a2f
tigervnc-server-minimal-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 5dd8dea3e2de44c99c4b8a83dc9455b0eebdcb9f8f338753949775be8bcbac28
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 163a7124e13899cb49e007f1a81b878fe298326d529d4490a0160f46791f0f16
tigervnc-server-module-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 40d2ca76477701c684567485030783ee1c67b8f8c83d7130723caf9555733ec8
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.1.s390x.rpm SHA-256: 5be98ae71edd3dc1b4ea1400fd1d20fb359447a06c07b4aa4154e6a22664c23d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.