Описание
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
Отчет
This is only an issue if the "ConnectClientToUnixSock()" function is used directly with an overly long socket name. It's more common that the "ConnectToRFBServer()" function is used, which would prevent exploiting this flaw as it performs additional checks. Additionally, the buffer overflow is caught by compiled-in buffer overflow checks, limiting the impact to a crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libvncserver | Not affected | ||
| Red Hat Enterprise Linux 7 | libvncserver | Will not fix | ||
| Red Hat Enterprise Linux 8 | libvncserver | Fixed | RHSA-2021:1811 | 18.05.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer over ...
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
Уязвимость компонента libvncclient/sockets.c программного обеспечения для реализации VNC функций LibVNCServer, связанная с переполнением буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3