SUSE: 2020:1749-1 Important: Tigervnc Memory Fixes and Updates

June 25, 2020
SUSE has released a security update for tigervnc that fixes multiple vulnerabilities and improves reliability.
An update that solves 5 vulnerabilities and has four fixes is now available.

Summary

This update for tigervnc fixes the following issues:

- CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder (bsc#1159856).
- CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode (bsc#1160250).
- CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::FilterGradient (bsc#1159858).
- CVE-2019-15694: Fixed a heap-based buffer overflow, caused by improper error handling in processing MemOutStream (bsc#1160251).
- CVE-2019-15695: Fixed a stack-based buffer overflow, which could be triggered from CMsgReader::readSetCursor (bsc#1159860).

Other bugs fixed:

- Fix random connection freezes (bsc#1169952, bsc#1160249, bsc#1165680):

Patch Instructions:

References

#1159856 #1159858 #1159860 #1160249 #1160250 #1160251 #1160937 #1165680 #1169952

Cross-References: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695

Affected Products:

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4

https://www.suse.com/security/cve/CVE-2019-15691.html

https://www.suse.com/security/cve/CVE-2019-15692.html

https://www.suse.com/security/cve/CVE-2019-15693.html

https://www.suse.com/security/cve/CVE-2019-15694.html

https://www.suse.com/security/cve/CVE-2019-15695.html

https://bugzilla.suse.com/1159856

https://bugzilla.suse.com/1159858

https://bugzilla.suse.com/1159860

https://bugzilla.suse.com/1160249

https://bugzilla.suse.com/1160250

https://bugzilla.suse.com/1160251

Severity
important

Announcement ID: SUSE-SU-2020:1749-1
Rating: important
