Package        : libvncserver
Version        : 0.9.9+dfsg2-6.1+deb8u4
CVE ID         : CVE-2018-6307 CVE-2018-15127 CVE-2018-20019
                 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022
                 CVE-2018-20023 CVE-2018-20024
Debian Bug     : 916941


Kaspersky Lab discovered several vulnerabilities in libvncserver, a C
library to implement VNC server/client functionalities.

CVE-2018-6307

    a heap use-after-free vulnerability in the server code of the file
    transfer extension, which can result in remote code execution. This
    attack appears to be exploitable via network connectivity.

CVE-2018-15127

    contains a heap out-of-bound write vulnerability in the server code
    of the file transfer extension, which can result in remote code
    execution. This attack appears to be exploitable via network
    connectivity.

CVE-2018-20019

    multiple heap out-of-bound write vulnerabilities in VNC client code,
    which can result in remote code execution.

CVE-2018-20020

    heap out-of-bound write vulnerability in a structure in VNC client
    code, which can result in remote code execution.

CVE-2018-20021

    CWE-835: Infinite Loop vulnerability in VNC client code. The
    vulnerability could allow an attacker to consume an excessive amount
    of resources, such as CPU and RAM.

CVE-2018-20022

    CWE-665: Improper Initialization weaknesses in VNC client code,
    which could allow an attacker to read stack memory and can be abused
    for information disclosure. Combined with another vulnerability, it
    can be used to leak stack memory layout and bypass ASLR.

CVE-2018-20023

    Improper Initialization vulnerability in VNC Repeater client code,
    which could allow an attacker to read stack memory and can be abused
    for information disclosure. Combined with another vulnerability, it
    can be used to leak stack memory layout and bypass ASLR.

CVE-2018-20024

    a null pointer dereference in VNC client code, which can result in
    DoS.

For Debian 8 "Jessie", these problems have been fixed in version
0.9.9+dfsg2-6.1+deb8u4.

We recommend that you upgrade your libvncserver packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-1617-1: libvncserver security update

December 27, 2018
Kaspersky Lab discovered several vulnerabilities in libvncserver, a C library to implement VNC server/client functionalities

Summary

Kaspersky Lab discovered several vulnerabilities in libvncserver, a C
library to implement VNC server/client functionalities.

CVE-2018-6307

a heap use-after-free vulnerability in the server code of the file
transfer extension, which can result in remote code execution. This
attack appears to be exploitable via network connectivity.

CVE-2018-15127

contains a heap out-of-bound write vulnerability in the server code
of the file transfer extension, which can result in remote code
execution. This attack appears to be exploitable via network
connectivity.

CVE-2018-20019

multiple heap out-of-bound write vulnerabilities in VNC client code,
which can result in remote code execution.

CVE-2018-20020

heap out-of-bound write vulnerability in a structure in VNC client
code, which can result in remote code execution.

CVE-2018-20021

CWE-835: Infinite Loop vulnerability in VNC client code. The
vulnerability could allow an attacker to consume an excessive amount
of...

Read the Full Advisory


Severity
Package : libvncserver
Version : 0.9.9+dfsg2-6.1+deb8u4
CVE ID : CVE-2018-6307 CVE-2018-15127 CVE-2018-20019
Debian Bug : 916941

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved