An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. Upstream commit: https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
Created libvncserver tracking bugs for this issue: Affects: epel-7 [bug 1860362] Affects: fedora-all [bug 1860363]
I've opened general software bugs for this as there is no known exploit path or trust boundary crossed: https://bugzilla.redhat.com/show_bug.cgi?id=1861929 https://bugzilla.redhat.com/show_bug.cgi?id=1861933 https://bugzilla.redhat.com/show_bug.cgi?id=1861932 https://bugzilla.redhat.com/show_bug.cgi?id=1861930
Statement: Red Hat Product Security does not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary.