Bug 1671405 (CVE-2018-20750)
Summary: | CVE-2018-20750 libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (Incomplete fix for CVE-2018-15127) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | negativo17, ppisar, rdieter |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in libvncserver. An incomplete fix for CVE-2018-15127 leaves open an out-of-bounds write vulnerability in code for the file transfer extension. This vulnerability can be remotely exploited. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-10 10:47:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1661115, 1661116 | ||
Bug Blocks: | 1661105 |
Description
Andrej Nemec
2019-01-31 14:31:19 UTC
Created libvncserver tracking bugs for this issue: Affects: epel-7 [bug 1661116] Affects: fedora-all [bug 1661115] |