CLSA-2025-1744213437

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1744213437
Upstream
Published
2025-04-09T15:44:02Z
Modified
2026-06-01T00:30:35.766285660Z
Summary
tigervnc: Fix of 3 CVEs
Details
  • CVE-2023-6816: xorg-x11-server: fix use-after-free issue by adding check to allocate sufficient space for logical button maps to prevent heap overflow in DeviceFocusEvent and XIQueryPointer replies
  • CVE-2023-5367: xorg-x11-server: correct buffer offset handling in XIChangeDeviceProperty and RRChangeOutputProperty to prevent out-of-bound writes during append/prepend operations
  • CVE-2023-6478: xorg-x11-server: fix integer overflow in RRChangeProviderProperty and RRChangeOutputProperty to prevent disclosure of sensitive information
References

Affected packages

TuxCare:AlmaLinux:9.2
tigervnc

Package

Name
tigervnc
Purl
pkg:rpm/tuxcare/tigervnc?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-icons

Package

Name
tigervnc-icons
Purl
pkg:rpm/tuxcare/tigervnc-icons?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-license

Package

Name
tigervnc-license
Purl
pkg:rpm/tuxcare/tigervnc-license?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-selinux

Package

Name
tigervnc-selinux
Purl
pkg:rpm/tuxcare/tigervnc-selinux?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-server

Package

Name
tigervnc-server
Purl
pkg:rpm/tuxcare/tigervnc-server?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-server-minimal

Package

Name
tigervnc-server-minimal
Purl
pkg:rpm/tuxcare/tigervnc-server-minimal?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"
tigervnc-server-module

Package

Name
tigervnc-server-module
Purl
pkg:rpm/tuxcare/tigervnc-server-module?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744213437.json"