
Mageia 7 MGASA-2020-0280: Critical LibVNCServer Buffer Overflow Issue

Mageia, July 5, 2020
Updated libvncserver packages for Mageia 7 fix multiple security vulnerabilities in LibVNCServer; the individual issues are listed below.

Summary

Updated libvncserver packages fix security vulnerabilities:
libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename (CVE-2019-20839).
libvncserver/rfbregion.c had a NULL pointer dereference (CVE-2020-14397).
Byte-aligned data was accessed through uint32_t pointers in libvncclient/rfbproto.c (CVE-2020-14399).
Byte-aligned data was accessed through uint16_t pointers in libvncserver/translate.c (CVE-2020-14400).
libvncserver/scale.c had a pixel_value integer overflow (CVE-2020-14401).
libvncserver/corre.c allowed out-of-bounds access via encodings (CVE-2020-14402).
libvncserver/hextile.c allowed out-of-bounds access via encodings (CVE-2020-14403).
libvncserver/rre.c allowed out-of-bounds access via encodings (CVE-2020-14404).
libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405).
The libvncserver package has been updated to version 0.9.13, fixing these issues and several others. See the release announcement for details.
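As an added illustration of the bug class in the first item above (a long socket filename overflowing a fixed-size buffer), here is a bounds-checked way to fill a Unix socket address from a caller-controlled path. This is not LibVNCServer's code; the function names are hypothetical.

```c
/* Added illustration of the bug class behind CVE-2019-20839. Not LibVNCServer's
 * code; build_unix_addr, unix_path_max and accepts_length are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Fill *addr from a caller-controlled path. Returns 0 on success, -1 if the
 * path plus its NUL terminator does not fit. An unchecked
 * strcpy(addr->sun_path, path) would write past the end of the struct. */
int build_unix_addr(struct sockaddr_un *addr, const char *path)
{
    if (addr == NULL || path == NULL)
        return -1;
    size_t len = strlen(path);
    if (len + 1 > sizeof(addr->sun_path))
        return -1;                       /* would overflow sun_path */
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, len + 1);
    return 0;
}

/* Longest path the struct can carry (sun_path minus the NUL). */
size_t unix_path_max(void)
{
    struct sockaddr_un addr;
    return sizeof(addr.sun_path) - 1;
}

/* Probe the boundary: build a path of n 'A's (capped at 4095) and return 1
 * if build_unix_addr accepts it, 0 if it rejects it. */
int accepts_length(size_t n)
{
    static char buf[4096];
    struct sockaddr_un addr;
    if (n >= sizeof(buf))
        n = sizeof(buf) - 1;
    memset(buf, 'A', n);
    buf[n] = '\0';
    return build_unix_addr(&addr, buf) == 0;
}
int main(void)
{
    size_t max = unix_path_max();
    printf("%zu bytes: %d, %zu bytes: %d\n", max, accepts_length(max),
           max + 1, accepts_length(max + 1));
    return 0;
}
```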

References

- https://bugs.mageia.org/show_bug.cgi?id=26881

- https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.13

- https://lists.debian.org/debian-lts-announce/2020/06/msg00035.html

- https://www.cve.org/CVERecord?id=CVE-2019-20839

- https://www.cve.org/CVERecord?id=CVE-2020-14397

- https://www.cve.org/CVERecord?id=CVE-2020-14398

- https://www.cve.org/CVERecord?id=CVE-2020-14399

- https://www.cve.org/CVERecord?id=CVE-2020-14400

- https://www.cve.org/CVERecord?id=CVE-2020-14401

- https://www.cve.org/CVERecord?id=CVE-2020-14402

- https://www.cve.org/CVERecord?id=CVE-2020-14403

- https://www.cve.org/CVERecord?id=CVE-2020-14404

- https://www.cve.org/CVERecord?id=CVE-2020-14405

Resolution

SRPMS

- 7/core/libvncserver-0.9.13-1.mga7

Severity
critical

Publication date: 05 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0280.html
Type: security
CVE: CVE-2019-20839, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404, CVE-2020-14405
