发布于3月6日3月6日 Members CentOS Linux: CVE-2023-1393: Important: tigervnc and xorg-x11-server security update (CESA-2023:1594) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 03/30/2023 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later. Solution(s) centos-upgrade-tigervnc centos-upgrade-tigervnc-debuginfo centos-upgrade-tigervnc-icons centos-upgrade-tigervnc-license centos-upgrade-tigervnc-server centos-upgrade-tigervnc-server-applet centos-upgrade-tigervnc-server-minimal centos-upgrade-tigervnc-server-module centos-upgrade-xorg-x11-server-common centos-upgrade-xorg-x11-server-debuginfo centos-upgrade-xorg-x11-server-devel centos-upgrade-xorg-x11-server-source centos-upgrade-xorg-x11-server-xdmx centos-upgrade-xorg-x11-server-xephyr centos-upgrade-xorg-x11-server-xnest centos-upgrade-xorg-x11-server-xorg centos-upgrade-xorg-x11-server-xvfb centos-upgrade-xorg-x11-server-xwayland References CVE-2023-1393
