Red Hat Product Errata RHSA-2023:1599 - Security Advisory
Issued:
2023-04-04
Updated:
2023-04-04

RHSA-2023:1599 - Security Advisory

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

  • xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2180288 - CVE-2023-1393 xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
x86_64
tigervnc-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 8f90f535250ec22773ca577e3ea48d3f70053ead9253cf7665661f367c4f80c3
tigervnc-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 111a5434433b9ce69938570d82787970b51e8d311e70e5936487877b9aed8d04
tigervnc-debugsource-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 599e454ec2807420f762e770a7a567b98d27408bf687be375de9afc1a54de3b4
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 1cabbdadbf128683dd017da115ac993edacf6bf6c3550e63b992b44b1cc171c8
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: a56a59ee8001e3db320b986adc063780d84147fe9b06bca752eb365c69abab48
tigervnc-server-minimal-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 3bf2ecfe3585c5b12f74c5ae4f1c4da4b9d935daaf49b96baa367bae7ae615e5
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: cb223b1c41392fef18c14a1df31e91beaba9e788611707f74f545a2e726a730d
tigervnc-server-module-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 0275a03641b2d47649dca1297ad3d854dbb4c846114ed78f989e7a079dce9e10
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: d1664b4a4eb9284f79f51716d7547d4110d5cf6bab0b7353591f76345baa3619

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
s390x
tigervnc-1.11.0-22.el9_0.2.s390x.rpm SHA-256: ec05b24c0e781047409c3a7d1df8d23ec9d71c0db53e4812577d43db2f45a6ac
tigervnc-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 20d33d0458696414b6238416b12ffe0ceeb1e2a2d2db0505844e273a640f6090
tigervnc-debugsource-1.11.0-22.el9_0.2.s390x.rpm SHA-256: a40bbf0edd77b818e08f8cba3b6b531431fd1636e09a644afce19ad8b8894ba1
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 38ebb1b7c24676c22edf99479263dbd9f56c7851439f2f4e60bba9ffc2ee39e9
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 3847c9d596e099c579728b6dfa58ddb3e28b682e97b7dc1faf687fe8c7b3bcdc
tigervnc-server-minimal-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 500f72613ce5263d8b84877f00c4c8c02dfa1d3bcc72387a7ab2e1046dd90de3
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: f1f535c9d4b460d6ae4f1fbc01a9902f8ff57d5721d49f6c1681ec8005835006
tigervnc-server-module-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 971891e452941969f9464191c78fa0e2f755c692f6b3ae6cfac994235efc3495
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 045c8296248191c14eaa4f7779bf9c4a4c78c0909eb0681333fb316164ecb8b2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
ppc64le
tigervnc-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 0e24cebb2d09111c301a925832c56dcee1d7d275a4ab7f39574b2fd57b83e6a6
tigervnc-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: ed956b45a1dcd57bb36ae9c5566e083c09c9aa187cb1373be1d3779acc758cda
tigervnc-debugsource-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 13e92f1dc04c7f5e61befcc26eb732d94b707b0113091b474379afaf685c567d
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: a57bec9ff2b355d4b60c3b665500d77565f4cb0f4a2b997beec08555dcb522a7
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: aed57f211fc70bbc02626281cbf3e191211b2cd22d8e5f8d20bec748ccb50754
tigervnc-server-minimal-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 5e83483cff0f02fffa8a6cd3e91b668bad6c955820825ae0cf4d3b6fb10ea1a3
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 1c492b959d05611e5bec6c24f8b15d4febd9c3150e86e6d0a1952bcd38f5982f
tigervnc-server-module-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: e5053b35caf5dd309c36425c28844750df93e59ebdb1bf127842da79b4a43b16
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 9a4b2bced3e8904e4e6c0071607343cb424dd08eafe7c6af51716f2c95215341

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
aarch64
tigervnc-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: bb2368a8f6fdffeec2a416058f410fa66bb3b89d00c7d959934f93473d2f2d56
tigervnc-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 5f4b16f1ab885425c7779fa8d20c7e08a59bfa8db2c5f3241d1cc55065c72ccd
tigervnc-debugsource-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 9945b6bc7dfb911c1e45a80fc38e37bb54ca062937e0720900c4edb171713a5e
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 9706dfb64fba297c64499e6252a41b11f64c21a4520a8287953f88f2a789ac55
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: f6d6d275bdf61c647df2541c32fb4ceded32d0b8ae2345fbc68635cd2ab79c6f
tigervnc-server-minimal-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 852230787a4f107fa5d66728b2193ff11dabdc964a7cf4496555e633315d213f
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 7cd595b78effb5280dacfa6f7316dae9b7fd8de1910b45e51dfea508280bb788
tigervnc-server-module-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: ea55c6742cc91907f4fa9b0bdc88afc63b5fdadef96f33224f3e96a51879bb54
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 230a96b35251e1e471e4868460f5e008a0cb5eceadde1617c748f9953339ae60

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
ppc64le
tigervnc-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 0e24cebb2d09111c301a925832c56dcee1d7d275a4ab7f39574b2fd57b83e6a6
tigervnc-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: ed956b45a1dcd57bb36ae9c5566e083c09c9aa187cb1373be1d3779acc758cda
tigervnc-debugsource-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 13e92f1dc04c7f5e61befcc26eb732d94b707b0113091b474379afaf685c567d
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: a57bec9ff2b355d4b60c3b665500d77565f4cb0f4a2b997beec08555dcb522a7
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: aed57f211fc70bbc02626281cbf3e191211b2cd22d8e5f8d20bec748ccb50754
tigervnc-server-minimal-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 5e83483cff0f02fffa8a6cd3e91b668bad6c955820825ae0cf4d3b6fb10ea1a3
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 1c492b959d05611e5bec6c24f8b15d4febd9c3150e86e6d0a1952bcd38f5982f
tigervnc-server-module-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: e5053b35caf5dd309c36425c28844750df93e59ebdb1bf127842da79b4a43b16
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.ppc64le.rpm SHA-256: 9a4b2bced3e8904e4e6c0071607343cb424dd08eafe7c6af51716f2c95215341

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
x86_64
tigervnc-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 8f90f535250ec22773ca577e3ea48d3f70053ead9253cf7665661f367c4f80c3
tigervnc-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 111a5434433b9ce69938570d82787970b51e8d311e70e5936487877b9aed8d04
tigervnc-debugsource-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 599e454ec2807420f762e770a7a567b98d27408bf687be375de9afc1a54de3b4
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 1cabbdadbf128683dd017da115ac993edacf6bf6c3550e63b992b44b1cc171c8
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: a56a59ee8001e3db320b986adc063780d84147fe9b06bca752eb365c69abab48
tigervnc-server-minimal-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 3bf2ecfe3585c5b12f74c5ae4f1c4da4b9d935daaf49b96baa367bae7ae615e5
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: cb223b1c41392fef18c14a1df31e91beaba9e788611707f74f545a2e726a730d
tigervnc-server-module-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: 0275a03641b2d47649dca1297ad3d854dbb4c846114ed78f989e7a079dce9e10
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.x86_64.rpm SHA-256: d1664b4a4eb9284f79f51716d7547d4110d5cf6bab0b7353591f76345baa3619

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
aarch64
tigervnc-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: bb2368a8f6fdffeec2a416058f410fa66bb3b89d00c7d959934f93473d2f2d56
tigervnc-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 5f4b16f1ab885425c7779fa8d20c7e08a59bfa8db2c5f3241d1cc55065c72ccd
tigervnc-debugsource-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 9945b6bc7dfb911c1e45a80fc38e37bb54ca062937e0720900c4edb171713a5e
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 9706dfb64fba297c64499e6252a41b11f64c21a4520a8287953f88f2a789ac55
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: f6d6d275bdf61c647df2541c32fb4ceded32d0b8ae2345fbc68635cd2ab79c6f
tigervnc-server-minimal-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 852230787a4f107fa5d66728b2193ff11dabdc964a7cf4496555e633315d213f
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 7cd595b78effb5280dacfa6f7316dae9b7fd8de1910b45e51dfea508280bb788
tigervnc-server-module-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: ea55c6742cc91907f4fa9b0bdc88afc63b5fdadef96f33224f3e96a51879bb54
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.aarch64.rpm SHA-256: 230a96b35251e1e471e4868460f5e008a0cb5eceadde1617c748f9953339ae60

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0

SRPM
tigervnc-1.11.0-22.el9_0.2.src.rpm SHA-256: 518dd312a98bc22af1de8a52a277a71ffafeeedd0a1ee652aead0b7af3b5d2cb
s390x
tigervnc-1.11.0-22.el9_0.2.s390x.rpm SHA-256: ec05b24c0e781047409c3a7d1df8d23ec9d71c0db53e4812577d43db2f45a6ac
tigervnc-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 20d33d0458696414b6238416b12ffe0ceeb1e2a2d2db0505844e273a640f6090
tigervnc-debugsource-1.11.0-22.el9_0.2.s390x.rpm SHA-256: a40bbf0edd77b818e08f8cba3b6b531431fd1636e09a644afce19ad8b8894ba1
tigervnc-icons-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 0d6a791b4aa29502526eb550fbf16ea3fc198f940eec8b7123b6de852fe0f7aa
tigervnc-license-1.11.0-22.el9_0.2.noarch.rpm SHA-256: d789d77e2eb05968563f3b0648bab1704e4c1f2e1e36c7955e932c0c17097dfe
tigervnc-selinux-1.11.0-22.el9_0.2.noarch.rpm SHA-256: 5dd6f14fcc5e34c788f3ade3b68df1b4bc9fc0411aba5cb79933cc5c663e96dc
tigervnc-server-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 38ebb1b7c24676c22edf99479263dbd9f56c7851439f2f4e60bba9ffc2ee39e9
tigervnc-server-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 3847c9d596e099c579728b6dfa58ddb3e28b682e97b7dc1faf687fe8c7b3bcdc
tigervnc-server-minimal-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 500f72613ce5263d8b84877f00c4c8c02dfa1d3bcc72387a7ab2e1046dd90de3
tigervnc-server-minimal-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: f1f535c9d4b460d6ae4f1fbc01a9902f8ff57d5721d49f6c1681ec8005835006
tigervnc-server-module-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 971891e452941969f9464191c78fa0e2f755c692f6b3ae6cfac994235efc3495
tigervnc-server-module-debuginfo-1.11.0-22.el9_0.2.s390x.rpm SHA-256: 045c8296248191c14eaa4f7779bf9c4a4c78c0909eb0681333fb316164ecb8b2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.