Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 634766 Details for
Bug 701820
net-misc/ssvnc: multiple vulnerabilities (CVE-2018-{20020,20021,20022,20024})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
CVE-2018-20024 Patch
ssvnc-1.0.29-libvncclient_CVE-2018-20024.patch (text/plain), 1.17 KB, created by
David Turner
on 2020-04-26 21:50:13 UTC
(
hide
)
Description:
CVE-2018-20024 Patch
Filename:
MIME Type:
Creator:
David Turner
Created:
2020-04-26 21:50:13 UTC
Size:
1.17 KB
patch
obsolete
>Description: CVE-2018-20024 > null pointer dereference in VNC client code that can result DoS. >--- > >Author: Abhijith PA <abhijith@debian.org> >Origin: https://github.com/LibVNC/libvncserver/commit/4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 >Bug: https://github.com/LibVNC/libvncserver/issues/254 >Bug-Debian: https://bugs.debian.org/916941 >Last-Update: 2018-12-23 > >[sunweaver] Investigate CVE-2018-20024 in ssvnc and find similar issues in zrle.c and zlib.c. > The ultra.c code that this has originally been reported against is not present in > ssvnc. > >--- a/vnc_unixsrc/vncviewer/zlib.c >+++ b/vnc_unixsrc/vncviewer/zlib.c >@@ -55,6 +55,11 @@ > raw_buffer_size = (( rw * rh ) * ( BPP / 8 )); > raw_buffer = (char*) malloc( raw_buffer_size ); > >+ if (raw_buffer == NULL) { >+ >+ return False; >+ >+ } > } > > if (!ReadFromRFBServer((char *)&hdr, sz_rfbZlibHeader)) >--- a/vnc_unixsrc/vncviewer/zrle.c >+++ b/vnc_unixsrc/vncviewer/zrle.c >@@ -132,6 +132,12 @@ > raw_buffer_size = min_buffer_size; > raw_buffer = (char*) malloc( raw_buffer_size ); > >+ if ( raw_buffer == NULL ) { >+ >+ return False; >+ >+ } >+ > } > > if (!ReadFromRFBServer((char *)&header, sz_rfbZRLEHeader))
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 701820
:
634760
|
634762
|
634764
| 634766 |
634768