Bug 1151307 (CVE-2014-8240) - CVE-2014-8240 tigervnc: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling
Summary: CVE-2014-8240 tigervnc: integer overflow flaw, leading to a heap-based buffer...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-8240
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1248422
Blocks: 1210268 1248061
TreeView+ depends on / blocked
 
Reported: 2014-10-10 05:16 UTC by Siddharth Sharma
Modified: 2021-02-17 06:07 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.
Clone Of:
Environment:
Last Closed: 2015-11-20 05:29:43 UTC
Embargoed:


Attachments (Terms of Use)
tigervnc-1.3.1-CVE-2014-8240.patch (proposed 1.3.1 patch) (2.47 KB, patch)
2014-10-16 11:41 UTC, Tim Waugh
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:2233 0 normal SHIPPED_LIVE Moderate: tigervnc security, bug fix, and enhancement update 2015-11-19 09:11:46 UTC

Description Siddharth Sharma 2014-10-10 05:16:57 UTC
This issue was discovered by Tim Waugh of Red Hat. Tigervnc is affected by same thing as in CVE-2014-6051. Integer overflaw leading to a heap-based buffer overflow was found in the way screen sizes were handled. A Malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.

Comment 7 Tim Waugh 2014-10-16 11:41:25 UTC
Created attachment 947578 [details]
tigervnc-1.3.1-CVE-2014-8240.patch (proposed 1.3.1 patch)

Comment 10 errata-xmlrpc 2015-11-19 09:03:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:2233 https://rhn.redhat.com/errata/RHSA-2015-2233.html

Comment 11 Huzaifa S. Sidhpurwala 2015-11-20 05:29:43 UTC
Statement:

This issue affects the version of tigervnc as shipped with Red Hat Enterprise Linux 5 and 6. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 and 6.


Note You need to log in before you can comment on or make changes to this bug.