Описание
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-21247
- https://github.com/LibVNC/libvncserver/issues/253
- https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf
- https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4F6FUH4EFK4NAP6GT4TQRTBKWIRCZLIY
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVP7TJVYJDXDFRHVQ3ENEN3H354QPXEZ
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html
Связанные уязвимости
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
An issue was discovered in LibVNCServer before 0.9.13. There is an inf ...
Уязвимость реализации функции ConnectToRFBRepeater кроссплатформенной библиотеки LibVNCServer, позволяющая нарушителю вызвать отказ в обслуживании