Advisories » MGASA-2017-0027

Updated libvncserver packages fix security vulnerability

Publication date: 27 Jan 2017
Modification date: 27 Jan 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9941 , CVE-2016-9942

Description

It was discovered that there were two vulnerabilities in libvncserver, a
library to create/embed a VNC server:

A heap-based buffer overflow that allows remote servers to cause a
denial of service via a crafted FramebufferUpdate message containing a
subrectangle outside of the drawing area (CVE-2016-9941).

A heap-based buffer overflow that allow remote servers to cause a denial
of service via a crafted FramebufferUpdate message with the "Ultra" type
tile such that the LZO decompressed payload exceeds the size of the tile
dimensions (CVE-2016-9942).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20075
• https://security-tracker.debian.org/tracker/CVE-2016-9941
• https://security-tracker.debian.org/tracker/CVE-2016-9942
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942

SRPMS

5/core

• libvncserver-0.9.10-1.2.mga5