Updated libvncserver packages fix security vulnerability
Publication date: 05 Jul 2020Modification date: 05 Jul 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-20839 , CVE-2020-14397 , CVE-2020-14398 , CVE-2020-14399 , CVE-2020-14400 , CVE-2020-14401 , CVE-2020-14402 , CVE-2020-14403 , CVE-2020-14404 , CVE-2020-14405
Description
Updated libvncserver packages fix security vulnerabilities: libvncclient/sockets.c in LibVNCServer had a buffer overflow via a long socket filename (CVE-2019-20839). libvncserver/rfbregion.c had a NULL pointer dereference (CVE-2020-14397). Byte-aligned data was accessed through uint32_t pointers in libvncclient/rfbproto.c (CVE-2020-14399). Byte-aligned data was accessed through uint16_t pointers in libvncserver/translate.c (CVE-2020-14400). libvncserver/scale.c had a pixel_value integer overflow (CVE-2020-14401). libvncserver/corre.c allowed out-of-bounds access via encodings (CVE-2020-14402). libvncserver/hextile.c allowed out-of-bounds access via encodings (CVE-2020-14403). libvncserver/rre.c allowed out-of-bounds access via encodings (CVE-2020-14404). libvncclient/rfbproto.c does not limit TextChat size (CVE-2020-14405). The libvncserver package has been updated to version 0.9.13, fixing these issues and several others. See the release announcement for details.
References
- https://bugs.mageia.org/show_bug.cgi?id=26881
- https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.13
- https://www.debian.org/lts/security/2020/dla-2264
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14398
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
SRPMS
7/core
- libvncserver-0.9.13-1.mga7