Issued:: 2024-11-18
Updated:: 2024-11-18

RHSA-2024:9818 - Security Advisory

Overview
Updated Packages

Synopsis

Important: tigervnc security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2317233 - CVE-2024-9632 xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

CVEs

CVE-2024-9632

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
tigervnc-1.9.0-15.el8_2.12.src.rpm	SHA-256: 1ee47e2d2725967a97e4d4c30ed4544cbc65ade9532950cf9a18aedc81dc3aac
x86_64
tigervnc-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: e4f96c27f80bb10090327969d089b0337e75e6ab70ad7badb7c7e6626a62cdff
tigervnc-debuginfo-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: 88264c6a4ede5fab58458782ec8a826c94b27997e63f90a51a83ccaa5a99864c
tigervnc-debugsource-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: d9329ea9faca6430f155c0b10855f4b72982a3be610a313c587f232c2850b996
tigervnc-icons-1.9.0-15.el8_2.12.noarch.rpm	SHA-256: a733b1753da9d4458e1ed27018ff9579611352c1aa80fb394e4dcc0ae34f5c6c
tigervnc-license-1.9.0-15.el8_2.12.noarch.rpm	SHA-256: c113a2537206cf3e766bf5313ffc34e13527ef27ee6fb7ab16442a47f585dd15
tigervnc-server-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: 4740fe069e039e0aef7398e35552c529d6a538faf5f81ca1a94f3237c4237304
tigervnc-server-applet-1.9.0-15.el8_2.12.noarch.rpm	SHA-256: 9ecdfe5b4852f53058a20a1344ca84793d5b4b0089a4b34e8af9271855a0ef0c
tigervnc-server-debuginfo-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: eeff50e7a6f5f0e4351644ffcf454244a72f54bef3cc0b4891c8c89883da3f63
tigervnc-server-minimal-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: 189a58365ff14e26690a7fa092f227e1e885bf0753088983737a8b36dcfba8b2
tigervnc-server-minimal-debuginfo-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: ba0e6bb0f086f13b07044d52e0e35e24edb5335840513f2af05d6ac1398bca67
tigervnc-server-module-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: 2b5afdd2eba0da6cc9c083fa5f71550c75e3c56e4b698a86b8d1f3768fd86be9
tigervnc-server-module-debuginfo-1.9.0-15.el8_2.12.x86_64.rpm	SHA-256: 2289bbf021317baad359d44cb21ebecf8eae919b81cfb13fef4596d8cab6fc61

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation