VDB

GCVE-110-MAGEIA-2024-9

GCVE-110-MAGEIA-2024-9
Advisory Published
Vulnetix · Advisory published January 14, 2024
The updated packages fix security vulnerabilities: A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. (CVE-2023-6377) A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. (CVE-2023-6478)

Affected Products

VendorProductVersionsPlatforms
Mageiapython-requests2.31.0-2.mga9 (unaffected), 0 (affected)
Mageiatigervnc1.13.1-2.2.mga9 (unaffected), 0 (affected), 0 (affected), 1.13.1-2.2.mga9 (unaffected)
Mageiax11-server0 (affected), 21.1.8-7.2.mga9 (unaffected), 0 (affected), 21.1.8-7.2.mga9 (unaffected)
Mageiapython-urllib31.26.18-4.mga9 (unaffected), 0 (affected)
Mageiax11-server-xwayland0 (affected), 0 (affected), 22.1.9-1.2.mga9 (unaffected), 22.1.9-1.2.mga9 (unaffected)
Mageiapython-yamllint0 (affected), 1.32.0-2.mga9 (unaffected)
Mageiaansible-lint0 (affected), 6.21.1-1.1.mga9 (unaffected)
Mageiapython-ansible-compat0 (affected), 4.1.10-2.mga9 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›