Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Mageia 7 MGASA-2020-0280: Critical LibVNCServer Buffer Overflow Issue

mageia
Calendar Grey July 5, 2020
Dist Mageia Esm H88
MGASA-2020-0280 - Updated libvncserver packages fix security vulnerability Publication date: 05 Jul
Updated libvncserver packages fix security vulnerabilities: libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename (CVE-2019-20839)

Summary

Updated libvncserver packages fix security vulnerabilities:
libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename (CVE-2019-20839).
libvncserver/rfbregion.c had a NULL pointer dereference (CVE-2020-14397).
Byte-aligned data was accessed through uint32_t pointers in libvncclient/rfbproto.c (CVE-2020-14399).
Byte-aligned data was accessed through uint16_t pointers in libvncserver/translate.c (CVE-2020-14400).
libvncserver/scale.c had a pixel_value integer overflow (CVE-2020-14401).
libvncserver/corre.c allowed out-of-bounds access via encodings (CVE-2020-14402).
libvncserver/hextile.c allowed out-of-bounds access via encodings (CVE-2020-14403).
libvncserver/rre.c allowed out-of-bounds access via encodings (CVE-2020-14404).
libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405).
The libvncserver package has been updated to version 0.9.13, fixing these issues and several others. See the release announcement for details.

References

- https://bugs.mageia.org/show_bug.cgi?id=26881

- https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.13

- https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html

- https://www.cve.org/CVERecord?id=CVE-2019-20839

- https://www.cve.org/CVERecord?id=CVE-2020-14397

- https://www.cve.org/CVERecord?id=CVE-2020-14398

- https://www.cve.org/CVERecord?id=CVE-2020-14399

- https://www.cve.org/CVERecord?id=CVE-2020-14400

- https://www.cve.org/CVERecord?id=CVE-2020-14401

- https://www.cve.org/CVERecord?id=CVE-2020-14402

- https://www.cve.org/CVERecord?id=CVE-2020-14403

- https://www.cve.org/CVERecord?id=CVE-2020-14404

- https://www.cve.org/CVERecord?id=CVE-2020-14405

Resolution

SRPMS

- 7/core/libvncserver-0.9.13-1.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 05 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0280.html
Type: security
CVE: CVE-2019-20839, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404, CVE-2020-14405

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here