Описание
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
Отчет
This flaw does not affect versions of vino shipped with Red Hat Enterprise Linux 6, 7, or 8 because vino does not ship the libvncclient. Additionally, Red Hat Product Security does not consider this to be a security vulnerability because no trust boundary is crossed and there is no known path of exploitation. This is a standard software reliability bug.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libvncserver | Not affected | ||
| Red Hat Enterprise Linux 6 | vino | Not affected | ||
| Red Hat Enterprise Linux 7 | libvncserver | Not affected | ||
| Red Hat Enterprise Linux 7 | vino | Not affected | ||
| Red Hat Enterprise Linux 8 | libvncserver | Not affected | ||
| Red Hat Enterprise Linux 8 | vino | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
0 Low
CVSS3
Связанные уязвимости
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned da ...
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.
Уязвимость компонента libvncclient/rfbproto.c кроссплатформенной библиотеки LibVNCServer, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
0 Low
CVSS3