vulnerability
Alma Linux: CVE-2024-0229: Important: tigervnc security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Jan 30, 2024 | Feb 1, 2024 | Nov 13, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Jan 30, 2024
Added
Feb 1, 2024
Modified
Nov 13, 2025
Description
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
Solutions
alma-upgrade-tigervncalma-upgrade-tigervnc-iconsalma-upgrade-tigervnc-licensealma-upgrade-tigervnc-selinuxalma-upgrade-tigervnc-serveralma-upgrade-tigervnc-server-minimalalma-upgrade-tigervnc-server-modulealma-upgrade-xorg-x11-server-commonalma-upgrade-xorg-x11-server-develalma-upgrade-xorg-x11-server-sourcealma-upgrade-xorg-x11-server-xdmxalma-upgrade-xorg-x11-server-xephyralma-upgrade-xorg-x11-server-xnestalma-upgrade-xorg-x11-server-xorgalma-upgrade-xorg-x11-server-xvfbalma-upgrade-xorg-x11-server-xwayland
References
- CVE-2024-0229
- https://attackerkb.com/topics/CVE-2024-0229
- CWE-787
- URL-https://errata.almalinux.org/8/ALSA-2024-0607.html
- URL-https://errata.almalinux.org/8/ALSA-2024-2995.html
- URL-https://errata.almalinux.org/8/ALSA-2024-2996.html
- URL-https://errata.almalinux.org/9/ALSA-2024-0557.html
- URL-https://errata.almalinux.org/9/ALSA-2024-2169.html
- URL-https://errata.almalinux.org/9/ALSA-2024-2170.html
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.