CLSA-2025-1744223313

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1744223313
Upstream
Published
2025-04-09T18:28:39Z
Modified
2026-06-01T00:30:35.770507420Z
Summary
tigervnc: Fix of 3 CVEs
Details
  • CVE-2024-31080: xorg-x11-server: fix heap-based buffer over-read vulnerability in ProcXIGetSelectedEvents() by avoiding byte-swapped length values in replies
  • CVE-2024-9632: xorg-x11-server: fix improperly tracked allocation size in _XkbSetCompatMap to prevent buffer overflow condition
  • CVE-2024-31081: xorg-x11-server: fix heap-based buffer over-read vulnerability in ProcXIPassiveGrabDevice() function to prevent memory leakage and segmentation faults by handling byte-swapped length values in replies correctly
References

Affected packages

TuxCare:AlmaLinux:9.2
tigervnc

Package

Name
tigervnc
Purl
pkg:rpm/tuxcare/tigervnc?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-icons

Package

Name
tigervnc-icons
Purl
pkg:rpm/tuxcare/tigervnc-icons?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-license

Package

Name
tigervnc-license
Purl
pkg:rpm/tuxcare/tigervnc-license?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-selinux

Package

Name
tigervnc-selinux
Purl
pkg:rpm/tuxcare/tigervnc-selinux?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-server

Package

Name
tigervnc-server
Purl
pkg:rpm/tuxcare/tigervnc-server?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-server-minimal

Package

Name
tigervnc-server-minimal
Purl
pkg:rpm/tuxcare/tigervnc-server-minimal?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"
tigervnc-server-module

Package

Name
tigervnc-server-module
Purl
pkg:rpm/tuxcare/tigervnc-server-module?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.12.0-13.el9_2.tuxcare.els10

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1744223313.json"