1854761 – (CVE-2019-15681) CVE-2019-15681 libvncserver: information disclosure and ASLR bypass

Bug 1854761 (CVE-2019-15681) - CVE-2019-15681 libvncserver: information disclosure and ASLR bypass

Summary: CVE-2019-15681 libvncserver: information disclosure and ASLR bypass

Keywords:
Status:	NEW
Alias:	CVE-2019-15681
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1854764 1854765 1860305 1860306 1860307 1860308
Blocks:	1854763
TreeView+	depends on / blocked

Reported:	2020-07-08 08:14 UTC by Dhananjay Arunesh
Modified:	2023-07-07 08:33 UTC (History)
CC List:	5 users (show)
Fixed In Version:	libvncserver 0.9.13
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Dhananjay Arunesh 2020-07-08 08:14:42 UTC

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

References:
https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a

Comment 1 Dhananjay Arunesh 2020-07-08 08:15:55 UTC

Created libvncserver tracking bugs for this issue:

Affects: epel-7 [bug 1854765]
Affects: fedora-all [bug 1854764]

Note You need to log in before you can comment on or make changes to this bug.