Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2025:0001

Issued: 2025-01-10
Updated: 2025-01-10

Summary

tigervnc security update

Severity

Important

Description

Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:

CVE-2024-9632:
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

References

Updated Packages